Abstract

We propose a general framework for first-order functional logic programming, supporting
lazy functions, non-determinism and polymorphic datatypes whose data constructors obey
a set C of equational axioms. On top of a given C, we specify a program as a set R of C-
based conditional rewriting rules for defined functions. We argue that equational logic does
not supply the proper semantics for such programs. Therefore, we present an alternative
logic which includes C-based rewriting calculi and a notion of model. We get soundness and
completeness for C-based rewriting w.r.t. models, existence of free models for all programs,
and type preservation results. As operational semantics, we develop a sound and complete
procedure for goal solving, which is based on the combination of lazy narrowing with
unification modulo C. Our framework is quite expressive for many purposes, e.g. solving
action and change problems, or realizing the GAMMA computation model.

Keywords: functional logic programming, polymorphic types, algebraic data constructors,
lazy narrowing.



1 Introduction 

The interest in multiparadigm declarative programming has grown during the
last decade, giving rise to different approaches to the integration of functions into
logic programming; see (?) for a good survey. Declarative programming, in the wide
sense, should have a firm foundation in logic. Therefore, we are especially interested
in approaches which provide a logical semantics for programs. Several early proposals,
as e.g. (?; ?; ?), focused on the idea of using equational logic as a basis for
a semantically clean integration of functions and predicates. In these approaches,
programs are built from conditional rewrite rules (oriented conditional equations,
see e.g. (?)), and one obtains an analogue of the well-known least Herbrand model
for pure logic programs (?), where the Herbrand universe is replaced by its quotient
modulo the least congruence induced by an equational theory. Goals become
systems of equations, and narrowing (a natural combination of rewriting and unification,
originally proposed as a theorem proving tool (?; ?)) can be used as a goal
solving mechanism (?).

* Our research has been partially supported by the Spanish National Project TIC98-0445-C03-02
"TREND" and the Esprit BRA Working Group EP-22457 "CCLII".

Unfortunately, equational logic has a drawback from the viewpoint of the semantics
of lazy functional languages, such as Haskell (?; ?). These languages allow
non-strict functions, that may return a result even if the values of some arguments
are not known, or are known only partially. For instance, the function head that
returns the first element of a list does not need to know the rest of the list; and
the function fst that returns the first component of an ordered pair does not need
to know the value of the second component at all. In a lazy functional language,
expressions can sometimes denote infinite data structures (for instance, the list of
all odd numbers), and their values are computed gradually by means of a lazy reduction
strategy (see (?)) which delays the evaluation of function arguments until
they are needed. In general, the identity between two expressions which have the
same infinite value cannot be proved in equational logic. Consider, for instance,
the following equations, which can be seen as a functional program defining the
functions oddNumbers and oddNumbers*. List constructors are written in Prolog
notation.

oddNumbers ≈ oddsFrom(1)

oddsFrom(n) ≈ [n | oddsFrom(n + 2)]

oddNumbers* ≈ oddsFrom*(1)

oddsFrom*(n) ≈ [(2 * n) - 1 | oddsFrom*(n + 1)]

According to the semantics of lazy functional languages, the two expressions
oddNumbers and oddNumbers* have the same value, namely the infinite list of all
odd positive integers. There is nothing unnatural in this. However, the equation
oddNumbers ≈ oddNumbers* cannot be deduced in equational logic from the equations
in the program, because any finite derivation only unfolds finitely many elements
of either list. As a consequence, we cannot claim that the semantics of a
program is characterized by deducibility from the program, viewed as a theory in
equational logic. In contrast to this, the semantics of pure logic programs can be
characterized in terms of deducibility from the program (a set of Horn clauses) in
Horn logic, a very simple fragment of intuitionistic predicate logic. This claim is
true both for the least Herbrand model semantics (?) and for the C-semantics
(?), which corresponds to the natural generalization of the least Herbrand model to
the Herbrand universe consisting of open terms, with variables. Having a natural
characterization of program semantics in terms of logical deducibility realizes the
ideal of declarative programming, and helps to provide useful techniques for proving
the semantic adequacy of program execution mechanisms.

Since identities between expressions with a common infinite value can be unprovable
in equational logic, using them in goals or conditions of conditional rewrite
rules leads to some incompleteness results for conditional narrowing (?). In order
to avoid this problem, the designers of the lazy functional+logic language K-LEAF
(?) proposed to distinguish between equalities e ≈ e' in the sense of equational
logic (also known as algebraic equalities) and strict equalities, written as e == e',
intended to mean that expressions e and e' have a common value that is finite
and total, in the sense of the theory of semantic domains used for the denotational
semantics of programming languages (?; ?). Strict equality has also been adopted
by other lazy functional logic languages, for instance BABEL (?). Typically, lazy
functional logic languages with strict equality rely on a constructor discipline. Operation
symbols are classified in two categories: defined functions, whose behaviour
depends on the rewrite rules given in a program, and free data constructors, which
are used to represent computed values. More precisely, data terms built from data
constructors without any occurrence of defined function symbols always denote finite
and total values. Moreover, different data terms always denote different values
(this is why data constructors are called free). Thanks to the constructor discipline,
strict equations e == e' can be proved by reducing both expressions e and e' to a
common data term t. In languages such as K-LEAF and BABEL, strict equality
logically entails algebraic equality (but not vice versa). Regarding goal solving, it
is known that lazy narrowing (a non-strict version of narrowing originally proposed
in (?)) can provide a sound and complete operational semantics.

Unfortunately, data terms and strict equality do not fully characterize the semantics
of a lazy language. For expressions such as oddNumbers whose value is
infinite, there is no data term t that represents that value. However, by introducing
the special data constant ⊥ which denotes the undefined value, it is possible to
build partial data terms t which represent finite approximations of e's value. For
instance, the partial data term [1, 3, 5, 7 | ⊥] denotes a list formed by the first four
odd numbers, followed by an undefined rest, which is a finite approximation of the
value of oddNumbers. Now, imagine approximation statements of the form e → t,
intended to mean: "t denotes a finite approximation of e's value". Then, a logic
with the ability to deduce such statements from a program could be used as a logical
framework for lazy functional logic programming. This approach has been recently
developed in (?; ?) under the name Constructor-based ReWriting Logic (shortly,
CRWL). In CRWL, the semantic value of any expression e can be characterized
by the (possibly infinite) set of all approximation statements e → t that can be
deduced from the program. Moreover, strict equations e == e' can be proved by
proving two statements e → t, e' → t for some common total data term t (without
occurrences of ⊥). In fact, CRWL does not enforce the restriction that such a t
must be unique. For instance, if we assume constant constructors 0, 1 and 2, the
following is allowed as a legal CRWL program:

coin → 0        double(x) → plus(x, x)        plus(0, 0) → 0        plus(1, 0) → 1
coin → 1                                      plus(0, 1) → 1        plus(1, 1) → 2

Given this program, coin == coin can be proved in two different ways, corresponding
to the approximation statements coin → 0 and coin → 1. More generally,
CRWL interprets e == e' as a joinability statement, meaning that e and e' admit
some common total value, not necessarily unique. As illustrated by coin, the rewrite
rules in a CRWL program are not required to be confluent, and defined functions
can be non-deterministic. The combination of non-deterministic functions and lazy
evaluation turns out to be a very useful programming technique. However, in the
presence of non-determinism, neither a joinability statement e == e' nor an algebraic
equation e ≈ e' entails that both expressions e and e' have the same semantic
value. For instance, in CRWL the joinability statement coin == 1 can be deduced
from the program above. Also, if we viewed the rewrite rules of the program
as equations, equational logic would allow us to deduce coin ≈ 1. Since 1 is not the
denotation of coin in the intended non-deterministic semantics, we must use CRWL
in place of equational logic if we want to characterize the behaviour of programs.

From the various alternatives known for the semantics of non-determinism, CRWL
has chosen call-time choice (see (?; ?)), whose intuitive meaning is to fix a choice
for the values of the arguments of a function before executing the function call.
This semantics does not force functions to be strict, because the values chosen
for the argument expressions can be partial approximations (even ⊥). Note that,
according to this semantics, the possible total values of double(coin) are 0 and 2,
but not 1: the single value chosen for x is shared by both occurrences of x in
plus(x, x). For this reason, CRWL uses lazy narrowing with sharing to obtain a
sound and complete goal solving mechanism. Details can be found in (?), along
with model theoretic semantics and a deeper motivation of the interest of CRWL
as a framework for declarative programming.
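As an added illustration, not part of the paper, the following Python interpreter evaluates the coin/double/plus program above under call-time choice and under the alternative run-time choice, returning the set of total values an expression can take. Sharing is modelled by binding rule variables to an already chosen value, whereas run-time choice binds them to the unevaluated argument expression, which every occurrence in the rule body then evaluates independently. The tuple encoding of expressions and the function names are choices of this example.

```python
# Added example, not from the paper: the coin/double/plus program evaluated
# under call-time choice (the CRWL semantics) and under run-time choice, to
# show that the two disagree on double(coin).
from itertools import product

# An expression is an int constant, a str (rule variable) or a pair
# (function name, tuple of argument expressions).
COIN = ('coin', ())
DOUBLE_COIN = ('double', (COIN,))

# The program, one entry per rule: (argument patterns, right-hand side).
# A pattern is an int (must equal the argument's value) or a str variable.
RULES = {
    'coin':   [((), 0), ((), 1)],                     # coin -> 0, coin -> 1
    'double': [(('x',), ('plus', ('x', 'x')))],       # double(x) -> plus(x, x)
    'plus':   [((0, 0), 0), ((1, 0), 1), ((0, 1), 1), ((1, 1), 2)],
}

def subst(expr, binding):
    """Replace rule variables in expr by whatever the binding maps them to."""
    if isinstance(expr, str):
        return binding[expr]
    if isinstance(expr, int):
        return expr
    name, args = expr
    return (name, tuple(subst(a, binding) for a in args))

def matches(patterns, args, call_time):
    """Yield every binding of the rule's patterns to the actual arguments."""
    if call_time:
        # Call-time choice: fix one value per argument before entering the
        # body, so both occurrences of x in plus(x, x) see the same value.
        for values in product(*(values_of(a, True) for a in args)):
            binding, ok = {}, True
            for p, v in zip(patterns, values):
                if isinstance(p, str):
                    binding[p] = v
                elif p != v:
                    ok = False
            if ok:
                yield binding
    else:
        # Run-time choice: a variable pattern captures the argument
        # expression itself; every occurrence in the body re-evaluates it.
        binding = {}
        for p, a in zip(patterns, args):
            if isinstance(p, str):
                binding[p] = a
            elif p not in values_of(a, False):
                return
        yield binding

def values_of(expr, call_time):
    """The set of total values a closed expression can be reduced to."""
    if isinstance(expr, int):
        return {expr}
    name, args = expr
    result = set()
    for patterns, rhs in RULES[name]:
        for binding in matches(patterns, args, call_time):
            result |= values_of(subst(rhs, binding), call_time)
    return result

def joinable(e1, e2, call_time=True):
    """e1 == e2 holds iff the two expressions share some total value."""
    return bool(values_of(e1, call_time) & values_of(e2, call_time))

if __name__ == '__main__':
    print('call-time choice:', sorted(values_of(DOUBLE_COIN, True)))    # [0, 2]
    print('run-time choice: ', sorted(values_of(DOUBLE_COIN, False)))   # [0, 1, 2]
    print('coin == 1 joinable:', joinable(COIN, 1))                      # True
```

The last line reproduces the remark above: coin == 1 is provable although 1 is not the denotation of coin, because joinability only asks for some common total value.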

Extensions of CRWL dealing with modularity (?) and higher-order programming
(?) have been investigated. The aim of the present paper is to extend CRWL in a
different direction, by introducing algebraic polymorphic datatypes. The result will
be a more expressive framework ACRWL (Algebraic Constructor-based ReWriting
Logic). More precisely, ACRWL will include user-defined polymorphic datatypes
similar to those used in modern functional languages such as Haskell (see e.g. (?)),
but with a novel point: the data constructors will not necessarily be free¹; instead,
we will allow the programmer to specify a set C of equational axioms to control the
constructors' behaviour. For instance, in our framework we can define a datatype for
polymorphic sets as follows:

datatypes     constructors                           equations

Set(α)        { } : → Set(α)                         {x | {y | zs}} ≈ {y | {x | zs}}

              {· | ·} : (α, Set(α)) → Set(α)         {x | {x | zs}} ≈ {x | zs}

where the set constructors { } (to build an empty set) and {· | ·} (to add an element
to a set) are controlled by the two given equations. By omitting the second one, we
obtain a datatype for polymorphic multisets.

Data constructors with associated equations will be called equational or algebraic
in the rest of this paper. Algebraic data constructors play an important role in several
recent proposals for extended logic programming and multiparadigm declarative
programming; see e.g. (?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?). Some of these
works do not consider functions, or lazy evaluation, while some others only allow
some particular algebraic data constructors (most often sets and/or multisets). In
a higher-order language, sets and multisets can be represented as functions, rather
than using data constructors. The advantages of each representation are problem
dependent; see e.g. (?).

1 Note that user-defined datatypes are also called "algebraic" in Haskell. In spite of this terminology,
Haskell's data constructors are free.

We are also aware of some related work on functional logic languages with free
polymorphic types (?; ?; ?), where the model theoretic semantics is more complex
than the one we will develop, and algebraic data constructors are not considered.
But, as far as we know, declarative programming with lazy functions and a general
notion of algebraic polymorphic datatype has not been investigated previously. We
view a program as a set of C-based conditional rewrite rules to define the behaviour
of lazy functions on top of a given set C of equational axioms for data constructors.
Both constructors and defined functions have polymorphic principal types. As in
CRWL (?), defined functions are non-strict and possibly non-deterministic. For
instance, a non-deterministic function which selects an arbitrary element from a
non-empty set can be defined by a single rewrite rule:

select : Set(α) → α
select({x | xs}) → x

Now, due to the equational axioms for the set constructor, a goal such as
select({a, b, c}) == x, where x is a variable and a, b, c are pairwise distinct constants,
has three possible answers, namely x = a, x = b and x = c. A Prolog-like sequential
implementation would be expected to deliver the three answers one after the other,
by using a backtracking mechanism.
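As an added illustration, not taken from the paper, the following Python code computes the three answers of select({a, b, c}) == x directly: it enumerates the finitely many terms that the two set axioms identify with {a, b, c} (applying the idempotence axiom only in the contracting direction, so that the enumeration terminates) and matches the left-hand side select({x | xs}) against each of them. The tuple encoding of terms and the function names are choices of this example; it handles flat sets of pairwise distinct constant symbols, and switching idempotence off gives the multiset behaviour mentioned above.

```python
# Added example, not from the paper: solving select({a, b, c}) == x by
# enumerating the terms that are C-equal to {a, b, c} under the two set
# axioms and matching the rule select({x | xs}) -> x against each of them.
EMPTY = ('empty',)                 # the constructor { }

def cons(x, xs):                   # the constructor {x | xs}
    return ('cons', x, xs)

def set_term(*elems):
    """{e1, ..., en} as nested cons terms, the paper's abbreviation."""
    t = EMPTY
    for e in reversed(elems):
        t = cons(e, t)
    return t

def one_step(term, idempotent=True):
    """Terms obtained from `term` by one application of an axiom at some
    position.  The permutation axiom is its own inverse, so using it in one
    direction is enough; the idempotence axiom is applied only in the
    contracting direction {x | {x | zs}} -> {x | zs}, which keeps the
    closure finite.  With idempotent=False only the multiset axiom is used."""
    if term == EMPTY:
        return
    _, x, rest = term
    if rest != EMPTY:
        _, y, zs = rest
        yield cons(y, cons(x, zs))        # {x | {y | zs}} ~ {y | {x | zs}}
        if idempotent and x == y:
            yield cons(x, zs)             # {x | {x | zs}} ~ {x | zs}
    for r in one_step(rest, idempotent):  # the same axioms, deeper inside
        yield cons(x, r)

def equivalence_class(term, idempotent=True):
    """All terms reachable by the steps above (finite for flat, ground sets)."""
    seen, frontier = {term}, [term]
    while frontier:
        for u in one_step(frontier.pop(), idempotent):
            if u not in seen:
                seen.add(u)
                frontier.append(u)
    return seen

def c_equal(s, t, idempotent=True):
    """s ~C t iff the two closures share a member (here: a fully contracted
    permutation of the common elements)."""
    return bool(equivalence_class(s, idempotent) & equivalence_class(t, idempotent))

def select_answers(term, idempotent=True):
    """Answers for select(term) == x: every member of the class that matches
    the left-hand side select({x | xs}) contributes its head x.  A
    backtracking implementation would return these one at a time."""
    return {m[1] for m in equivalence_class(term, idempotent) if m != EMPTY}

if __name__ == '__main__':
    abc = set_term('a', 'b', 'c')
    print(sorted(select_answers(abc)))                              # ['a', 'b', 'c']
    print(len(equivalence_class(abc)))                              # 6
    print(c_equal(set_term('a', 'a', 'b'), set_term('b', 'a')))     # True
    print(c_equal(set_term('a', 'a', 'b'), set_term('b', 'a'), idempotent=False))  # False
```

The six members of the class of {a, b, c} are the six orderings of its elements; each contributes one of the three answers, which is why a sequential implementation can deliver them by backtracking over the axiom applications.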

We present declarative and operational semantics for ACRWL programs. With
respect to the declarative semantics, we have followed the lines of CRWL (?), but
with two major modifications. Firstly, our models are algebras with two carriers
(for data and types, respectively), inspired by the polymorphically order-sorted
algebras from (?). Secondly, the constructor-based rewriting calculi from (?) have
been modified to incorporate a set C of equational axioms for constructors while
respecting the intended behaviour of lazy evaluation. To achieve this aim, we give
an inequational calculus which interprets each equational axiom in C as a scheme
for generating inequalities between partial data terms (built from constructors and
a bottom symbol ⊥). For instance, the equation {x | {x | zs}} ≈ {x | zs} for sets
will be regarded as a scheme to generate all the inequalities {s | {s | r}} ⊒ {s | r}
and {t | r} ⊒ {t | {t | r}}, where t, r are partial data terms, and s is a total
data term (without occurrences of ⊥). Inequalities are thought of as defining an
approximation ordering. The need to deal with equations from C in this special way
will be justified in Sections 2 and 4.

Regarding the operational semantics, we provide a lazy narrowing calculus, named
LNCEC, for goal solving. In contrast to the narrowing calculus from (?)
and other related approaches based on free data constructors, LNCEC must work
modulo the equational axioms C which control the algebraic data constructors in
ACRWL programs. In fact, we have borrowed ideas from several previous works,
such as (?; ?; ?; ?). The main novelty w.r.t. (?; ?) is the treatment of algebraic
polymorphic types. Our lazy narrowing calculus provides mutation rules (in the line
of (?)) for applying equational axioms in C.
Our goal solving calculus LNCEC is presented as a system of goal transformations.
Thanks to the combination of lazy narrowing and C-based mutations, it can
cope with infinite data structures and algebraic constructors simultaneously. For
instance, assume that we extend the little program above by adding the datatype
Nat, the constructors Zero : → Nat and Suc : Nat → Nat, and the defining rule:

gen_set_nat : Nat → Set(Nat)

gen_set_nat(n) → {n | gen_set_nat(Suc(n))}

Then, the goal Suc(Suc(Suc(Zero))) == select(gen_set_nat(Zero)) can be solved
by LNCEC. More generally, we can prove soundness and completeness of LNCEC
w.r.t. the declarative semantics. Exactly as in the case of logic programming, the
completeness result does not imply the absence of failing computations and/or
infinite computations in the search space. The completeness proof splits the goal
solving process in two phases, as in (?). The first phase transforms a
goal into a quasi-solved goal only containing variables, whereas the second phase
transforms a quasi-solved goal into a solved goal representing a computed answer
for the initial goal.

Our theoretical results show that the ACRWL framework provides a firm basis
for a very expressive combination of declarative programming features. Nevertheless,
we are aware of the difficulty of filling the gap between the present theory
and an efficiently implemented programming language. In particular, the LNCEC
calculus is far from being adequate as a description of a directly implementable
computation strategy; its shortcomings will be discussed in later sections.
In the absence of algebraic constructors, the needed narrowing strategy (?; ?) can
be used to alleviate the problem; see the discussion in (?), Section 8. As far as we
know, no analogue of needed narrowing is available for rewrite systems based on
algebraic constructors. In spite of this, we believe that there is hope of obtaining
reasonably efficient implementations for some particular instances of ACRWL. Especially,
we have in mind the case of multisets, which (combined with other free
data types) can be used for many interesting applications, including action and
change problems (?) and the GAMMA programming model (?; ?). A first proposal
for implementing ACRWL, restricted to multisets and free data types, can be found
in (?)².

The rest of the paper is organized as follows: Section 2 sets the basic formalism,
defining polymorphic signatures, expressions and equational axioms for data
constructors, along with the calculus needed to deduce approximation inequalities
from them. In Section 3 we present ACRWL programs, given by C-based rewrite
rules for defining lazy functions on top of a given set C of equational axioms. Some
simple programming examples, dealing with action and change problems and the
GAMMA computation model, are included there. The behaviour of ACRWL as a
logic is given by rewriting calculi, which are presented in Section 4 along with some
type preservation results. Section 5 deals with model theory, showing the existence
of free models for ACRWL programs, as well as soundness and completeness results
for the rewriting calculi w.r.t. models. Section 6 presents our goal solving calculus
LNCEC, whose main properties (namely, soundness, completeness and type preservation)
are proved in Section 7. Finally, some topics for future research are pointed
out in the concluding Section 8. In order to improve readability, many proofs have
been moved to an Appendix.

2 In fact, the language whose implementation is discussed in (?) has also some constraint solving
capabilities.

2 Signatures, Types, Expressions and Equations 

We assume a countable set $TVar$ of type variables $\alpha, \beta$, etc., and a countable ranked
alphabet $TC = \bigcup_{n \geq 0} TC^n$ of type constructors $K, K'$, etc. Polymorphic types
$\tau, \tau', \ldots \in T_{TC}(TVar)$ are built as $\tau ::= \alpha \mid K(\tau_1, \ldots, \tau_n)$, where $\alpha \in TVar$,
$K \in TC^n$, $\tau_i \in T_{TC}(TVar)$, $1 \leq i \leq n$. The set of type variables occurring in $\tau$ is
written $tvar(\tau)$.

We define a polymorphic signature $\Sigma$ over $TC$ as a triple $(TC, DC, FS)$, where
$DC$ is a set of type declarations for data constructors, of the form $c : (\tau_1, \ldots, \tau_n) \to \tau$
with $\bigcup_{i=1}^{n} tvar(\tau_i) \subseteq tvar(\tau)$ (so-called transparency property), and $FS$ is a set
of type declarations for defined function symbols, of the form $f : (\tau_1, \ldots, \tau_n) \to \tau$.
In the following, we will say that $h : (\tau_1, \ldots, \tau_n) \to \tau \in DC \cup FS$ is a transparent
type declaration iff $\bigcup_{i=1}^{n} tvar(\tau_i) \subseteq tvar(\tau)$.

We require that $\Sigma$ does not include multiple type declarations for the same symbol.
The types given by declarations in $DC \cup FS$ are called principal types. We
will write $h \in DC^n \cup FS^n$ to indicate the arity of a symbol according to its type
declaration. In the following, $DC_\bot$ will denote $DC$ extended by a new declaration
$\bot : \to \alpha$. The bottom constant constructor $\bot$ is intended to represent an undefined
value. Analogously, $\Sigma_\bot$ will denote the result of replacing $DC$ by $DC_\bot$ in $\Sigma$.

Assuming another countable set $DVar$ of data variables $x, y$, etc., we build total
expressions $e, r, \ldots \in Expr_\Sigma(DVar)$ as $e ::= x \mid h(e_1, \ldots, e_n)$, where $x \in DVar$,
$h \in DC^n \cup FS^n$, $e_i \in Expr_\Sigma(DVar)$, $1 \leq i \leq n$. The set $Expr_{\Sigma_\bot}(DVar)$ of partial
expressions is defined in the same way, but using $DC_\bot$ in place of $DC$. Total data
terms $Term_\Sigma(DVar) \subseteq Expr_\Sigma(DVar)$ and partial data terms $Term_{\Sigma_\bot}(DVar) \subseteq
Expr_{\Sigma_\bot}(DVar)$ are built by using data variables and data constructors only. In the
sequel, we reserve $t, s$ to denote possibly partial data terms, and we write $dvar(e)$
for the set of all data variables occurring in an expression $e$.

We define type substitutions $\sigma_t \in TSub$ as mappings from $TVar$ to $T_{TC}(TVar)$,
and possibly partial data substitutions $\sigma_d \in DSub_\bot$ as mappings from $DVar$ to
$Term_{\Sigma_\bot}(DVar)$. Total data substitutions $\sigma_d \in DSub$ are mappings from $DVar$ to
$Term_\Sigma(DVar)$. Pairs $\sigma = (\sigma_t, \sigma_d)$, with $\sigma_t \in TSub$ and $\sigma_d \in DSub_\bot$, are called
substitutions. We will use postfix notation for the result of applying substitutions
to types and expressions. We will say that $\sigma_d \in DSub_\bot$ is safe for a data term $t$
if $\sigma_d(x)$ is a total term for every variable $x$ having more than one occurrence in $t$.
The notions of instance, renaming and variant have the usual definitions; see e.g.
(?; ?).

In the sequel, given $A \subseteq TVar$ (respect. $X \subseteq DVar$) and $\sigma_t, \sigma'_t \in TSub$ (respect.
$\sigma_d, \sigma'_d \in DSub_\bot$), the notation $\sigma_t = \sigma'_t\,[A]$ (respect. $\sigma_d = \sigma'_d\,[X]$) means that
$\alpha\sigma_t = \alpha\sigma'_t$ (respect. $x\sigma_d = x\sigma'_d$), for all $\alpha \in A$ (respect. for all $x \in X$). Similarly, the
notation $\sigma_t = \sigma'_t\,[\backslash A]$ (respect. $\sigma_d = \sigma'_d\,[\backslash X]$) means that $\sigma_t = \sigma'_t\,[TVar - A]$ (respect.
$\sigma_d = \sigma'_d\,[DVar - X]$).

An environment is defined as any set $V$ of type-annotated data variables $x : \tau$,
such that $V$ does not include two different annotations for the same variable. The
set of well-typed expressions w.r.t. an environment $V$ is defined as
$Expr_{\Sigma_\bot}(V) = \bigcup_{\tau \in T_{TC}(TVar)} Expr^{\tau}_{\Sigma_\bot}(V)$, where $e \in Expr^{\tau}_{\Sigma_\bot}(V)$ holds iff the
type judgment $V \vdash_{\Sigma_\bot} e : \tau$ is derivable by means of the following type inference rules:

• $V \vdash_{\Sigma_\bot} x : \tau$ if $x : \tau \in V$;

• $V \vdash_{\Sigma_\bot} h(e_1, \ldots, e_n) : \tau$ if $V \vdash_{\Sigma_\bot} e_i : \tau_i$, $1 \leq i \leq n$, where $h : (\tau_1, \ldots, \tau_n) \to \tau$ is
an instance of the unique declared principal type associated to $h$ in $DC_\bot \cup FS$.

$Expr_{\Sigma_\bot}(V)$ has subsets $Expr_\Sigma(V)$, $Term_{\Sigma_\bot}(V)$, $Term_\Sigma(V)$ that are defined in the
natural way.

Note that, given any environment $V$, it holds that $V \vdash_{\Sigma_\bot} \bot : \tau$ for all $\tau \in
T_{TC}(TVar)$, but the type of an expression $e$ containing $\bot$ clearly depends on the
expression $e$. As an example, consider the following type declarations for data
constructors:

$[\,] : \to List(\alpha)$, $[\cdot \mid \cdot] : (\alpha, List(\alpha)) \to List(\alpha)$ and $Zero : \to Nat$

Then, given the environment $V = \{x : Nat\}$, it holds that $V \vdash_{\Sigma_\bot} [\bot] : List(\tau)$ for
any $\tau \in T_{TC}(TVar)$, $V \vdash_{\Sigma_\bot} [Zero, \bot] : List(Nat)$ and $V \vdash_{\Sigma_\bot} [x \mid \bot] : List(Nat)$.

Remark that, using well-known techniques (?; ?), it is easy to prove that every
well-typed expression has a most general principal type, which is unique up to
renaming.
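As an added worked example (not from the paper), the following Python code implements the two type inference rules above with unification, renaming the declared principal type apart at each use, and reproduces the three judgments for $[\bot]$, $[Zero, \bot]$ and $[x \mid \bot]$ under $V = \{x : Nat\}$. It also checks the transparency property of a declaration. The tuple encoding of types and expressions, the helper names and the one deliberately non-transparent declaration used for illustration are this example's own assumptions.

```python
# Added example, not from the paper: principal type inference for the two
# type rules above.  Types are ('var', name) or (K, *args); expressions are a
# str (data variable) or a tuple (symbol, *args).
import itertools

def tv(name):
    return ('var', name)

NAT = ('Nat',)

# Principal type declarations h : (τ1, ..., τn) -> τ as (argument types, result).
DECLS = {
    '[]':   ((), ('List', tv('a'))),
    'cons': ((tv('a'), ('List', tv('a'))), ('List', tv('a'))),   # [· | ·]
    'Zero': ((), NAT),
    '⊥':    ((), tv('a')),                                        # ⊥ : -> a
}

def type_vars(t):
    """tvar(τ): the set of type variables occurring in τ."""
    if t[0] == 'var':
        return {t[1]}
    return set().union(*(type_vars(a) for a in t[1:]))

def is_transparent(decl):
    """Transparency: every type variable of an argument type occurs in the result."""
    args, result = decl
    return set().union(*(type_vars(a) for a in args)) <= type_vars(result)

_fresh = itertools.count()

def fresh_instance(decl):
    """Rename the declaration's type variables apart, once per use of the symbol."""
    args, result = decl
    used = type_vars(result) | set().union(*(type_vars(a) for a in args))
    renaming = {v: tv(f'{v}{next(_fresh)}') for v in used}
    def rename(t):
        if t[0] == 'var':
            return renaming[t[1]]
        return (t[0],) + tuple(rename(a) for a in t[1:])
    return tuple(rename(a) for a in args), rename(result)

def resolve(t, subst):
    """Apply the substitution built so far, following chains of variables."""
    while t[0] == 'var' and t[1] in subst:
        t = subst[t[1]]
    if t[0] == 'var':
        return t
    return (t[0],) + tuple(resolve(a, subst) for a in t[1:])

def unify(t1, t2, subst):
    t1, t2 = resolve(t1, subst), resolve(t2, subst)
    if t1 == t2:
        return
    if t1[0] == 'var':
        if t1[1] in type_vars(t2):
            raise TypeError(f'occurs check: {t1[1]} in {show(t2)}')
        subst[t1[1]] = t2
    elif t2[0] == 'var':
        unify(t2, t1, subst)
    elif t1[0] != t2[0] or len(t1) != len(t2):
        raise TypeError(f'cannot unify {show(t1)} with {show(t2)}')
    else:
        for a, b in zip(t1[1:], t2[1:]):
            unify(a, b, subst)

def infer(expr, env, subst):
    """The type of expr under env; the two rules of the text."""
    if isinstance(expr, str):                 # V ⊢ x : τ  if  x : τ ∈ V
        if expr not in env:
            raise TypeError(f'{expr} is not in the environment')
        return env[expr]
    sym, *args = expr                         # V ⊢ h(e1..en) : τ  if  V ⊢ ei : τi
    arg_types, result = fresh_instance(DECLS[sym])
    if len(arg_types) != len(args):
        raise TypeError(f'wrong arity for {sym}')
    for a, ta in zip(args, arg_types):
        unify(infer(a, env, subst), ta, subst)
    return resolve(result, subst)

def show(t, names=None):
    """Render a type, naming its free type variables a, b, ... in order."""
    names = {} if names is None else names
    if t[0] == 'var':
        return names.setdefault(t[1], 'abcdefgh'[len(names)])
    if len(t) == 1:
        return t[0]
    return f"{t[0]}({', '.join(show(a, names) for a in t[1:])})"

def principal_type(expr, env):
    subst = {}
    return show(resolve(infer(expr, env, subst), subst))

def is_well_typed(expr, env):
    try:
        principal_type(expr, env)
        return True
    except TypeError:
        return False

def lst(*elems, tail=('[]',)):
    """[e1, ..., en | tail] as nested [· | ·] applications."""
    t = tail
    for e in reversed(elems):
        t = ('cons', e, t)
    return t

V = {'x': NAT}      # the environment of the text
```

With these definitions, principal_type(lst(('Zero',), ('⊥',)), V) yields List(Nat), principal_type(lst('x', tail=('⊥',)), V) yields List(Nat), and principal_type(lst(('⊥',)), V) yields List(a) with a free type variable, matching the three judgments above; an ill-typed expression such as [Zero, [ ]] is rejected by unification.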

The following definitions introduce equational axioms for data constructors.

Definition 2.1 (Equational axiom)

An equational axiom is any logical statement of the form $s \approx t$, where $s$ and $t$ are
total data terms (i.e. $s, t \in Term_\Sigma(DVar)$). An equational axiom $s \approx t$ is called:

• regular iff $dvar(s) = dvar(t)$;

• non-collapsing iff neither $s$ nor $t$ is a variable;

• strongly regular iff it is regular and non-collapsing.

A finite set $C$ of equational axioms is called (strongly) regular iff every axiom in
$C$ is (strongly) regular. □

Notice that a strongly regular equational axiom has the form $c(t_1, \ldots, t_n) \approx
d(s_1, \ldots, s_m)$, where $\bigcup_{i=1}^{n} dvar(t_i) = \bigcup_{j=1}^{m} dvar(s_j)$, whereas a collapsing regular
equational axiom has the structure $c(t_1, \ldots, t_n) \approx x$ or $x \approx c(t_1, \ldots, t_n)$, where
$\bigcup_{i=1}^{n} dvar(t_i) = \{x\}$. In the sequel, when we speak of an equation $s \approx t$, we mean
(by an abuse of language) $s \approx t$ or $t \approx s$. By convention, we assume that no
equational axiom in $C$ is a trivial identity $t \approx t$.

In the rest of the paper we focus on strongly regular equations, because strong
regularity is needed for our current type preservation results; see Theorem 4.11 and
Example 4.12 in Section 4 below.

Definition 2.2 (Well-typed strongly regular equation)

We say that a strongly regular equation $c(t_1, \ldots, t_n) \approx d(s_1, \ldots, s_m)$ is well-typed
iff the principal type declarations for $c, d$ have variants $c : (\tau_1, \ldots, \tau_n) \to \tau$ and
$d : (\tau'_1, \ldots, \tau'_m) \to \tau$ such that $c(t_1, \ldots, t_n), d(s_1, \ldots, s_m) \in Term^{\tau}_\Sigma(V)$, for some
environment $V$.

A set $C$ of strongly regular axioms is called well-typed iff each axiom in $C$ is
well-typed. □

Since principal types of data constructors are transparent, the above definition
implies that $t_i \in Term^{\tau_i}_\Sigma(V)$, $1 \leq i \leq n$, and $s_j \in Term^{\tau'_j}_\Sigma(V)$, $1 \leq j \leq m$. In the
following, we will say that two data constructors $c, d$ are constructors of the same
datatype iff the declared principal types for $c$ and $d$ admit variants $c : (\tau_1, \ldots, \tau_n) \to
\tau$ and $d : (\tau'_1, \ldots, \tau'_m) \to \tau$, respectively.

The following example presents different algebraic datatypes and illustrates the
expressiveness of strongly regular equations. All equational axioms in the example
are either strongly regular or collapsing and regular. Furthermore, all those being
strongly regular are well-typed in the sense of Definition 2.2.

Example 2.3 (Equational axioms)

(1) Suppose that Σ includes the following declarations:

datatypes

    Set/1, Mset/1, Nat/0

constructors

    Zero : → Nat                     Suc : Nat → Nat

    { } : → Set(α)                   {· | ·} : (α, Set(α)) → Set(α)

    {[ ]} : → Mset(α)                {[· | ·]} : (α, Mset(α)) → Mset(α)

Then, the following equational axioms for the set ({· | ·}) and multiset ({[· | ·]})
constructors

equations

    {x | {y | zs}} ≈ {y | {x | zs}}      {[x | {[y | zs]}]} ≈ {[y | {[x | zs]}]}
    {x | {x | zs}} ≈ {x | zs}

are strongly regular.

(2) Suppose now that Σ contains the datatypes USet/1 and UMset/1, together
with the following data constructor type declarations:

constructors

    { } : → USet(α)                          {[ ]} : → UMset(α)

    {·} : α → USet(α)                        {[·]} : α → UMset(α)

    ∪ : (USet(α), USet(α)) → USet(α)         ⊎ : (UMset(α), UMset(α)) → UMset(α)

For the data constructors ∪ and ⊎, let us consider the following equations:

equations

    (a) (xs ∪ ys) ∪ zs ≈ xs ∪ (ys ∪ zs)      (xs ⊎ ys) ⊎ zs ≈ xs ⊎ (ys ⊎ zs)

    (b) xs ∪ ys ≈ ys ∪ xs                    xs ⊎ ys ≈ ys ⊎ xs

    (c) xs ∪ { } ≈ xs                        xs ⊎ {[ ]} ≈ xs

    (d) xs ∪ xs ≈ xs
The above declaration constitutes an alternative to point (1) for specifying sets
(respect. multisets) using singletons and set union ∪ (respect. multiset union
⊎) as data constructors. For instance, we can build the set {a, b} (respect. the
multiset {[a, b]}), where a, b are two constant symbols, as a union of singletons
{a} ∪ {b} (respect. {[a]} ⊎ {[b]}).

The equational axioms in lines (a), (b) are strongly regular, whereas those in
lines (c), (d) are regular and collapsing. Since our type preservation and semantic
results are based on strongly regular equational axioms, we cannot use the
specifications for sets and multisets given in this item. However, this is not a
serious lack of expressiveness, since in fact the specifications given in item (1)
are very adequate for programming languages, as discussed in (?; ?; ?; ?).
Note that the operator ∪ (respect. ⊎) does not exactly correspond to the ACI1
(respect. AC1) operator used in the theory of E-unification (?), where there is no
explicit distinction between elements and sets (respect. multisets), but unitary
sets (respect. multisets) are identified with elements.
(3) We conclude this example by presenting another datatype for polymorphic lists
generated by means of unitary lists and a concatenation operator (associative
and with neutral element [ ]). Again, the traditional treatment of an A1 operator
in E-unification does not correspond exactly to the one we are going to present.
In order to build the list datatype we consider the type constructor CList/1
together with the following data constructors:

    [ ] : → CList(α)      [·] : α → CList(α)      ⊗ : (CList(α), CList(α)) → CList(α)

The equations which control the behaviour of the data constructor ⊗ are the
following:

    (xs ⊗ ys) ⊗ zs ≈ xs ⊗ (ys ⊗ zs)      xs ⊗ [ ] ≈ xs      [ ] ⊗ xs ≈ xs

where the first equation is strongly regular but the other two are regular
and collapsing. ■

In subsequent examples, we will use abbreviations such as {x, y | zs}, {x, y}, and
{x} for the terms {x | {y | zs}}, {x | {y | { }}} and {x | { }}, respectively. We will
use similar notations for multisets and lists.

Definition 2.4 (Algebraic and free data constructors)

Let $C$ be a finite set of equational axioms and $\Sigma$ a polymorphic signature. $c \in DC^n$
is free iff $C$ contains no equation of the form $c(t_1, \ldots, t_n) \approx s$. Otherwise, we say
that $c$ is an algebraic (or equational) data constructor. □

As explained in the introduction, we must interpret equational axioms as schemes
for generating approximation inequalities. This is achieved by the following inequational
calculus:

Definition 2.5 (Inequational calculus) 

Given a set C of equational axioms, the inequational calculus associated to C is 
defined by the following inference rules: 



\[
\begin{array}{ll}
\text{(B) Bottom: } \dfrac{}{t \sqsupseteq \bot} &
\text{(RF) Reflexivity: } \dfrac{}{t \sqsupseteq t} \\[2ex]
\text{(TR) Transitivity: } \dfrac{t \sqsupseteq t' \qquad t' \sqsupseteq t''}{t \sqsupseteq t''} &
\text{(MN) Monotonicity: } \dfrac{t_1 \sqsupseteq s_1 \;\cdots\; t_n \sqsupseteq s_n}{c(t_1, \ldots, t_n) \sqsupseteq c(s_1, \ldots, s_n)} \\[2ex]
\text{(IN) $C$-Inequation: } \dfrac{}{s \sqsupseteq t} \ \text{ if } s \sqsupseteq t \in [C]_{\sqsupseteq}
\end{array}
\]

where $t, t', t'', c(t_1, \ldots, t_n), c(s_1, \ldots, s_n) \in Term_{\Sigma_\bot}(DVar)$, and:

\[
[C]_{\sqsupseteq} = \{\, s\sigma_d \sqsupseteq t\sigma_d,\ t\sigma'_d \sqsupseteq s\sigma'_d \mid s \approx t \in C,\ \sigma_d, \sigma'_d \in DSub_\bot,\ \sigma_d \text{ and } \sigma'_d \text{ are safe for } s \text{ and } t \text{ respectively} \,\}
\]

□

In the rest of the paper, the notation $s \sqsupseteq_C t$ will denote the formal derivability
of $s \sqsupseteq t$ using the above inequational calculus for $C$. Moreover, we will write $s \approx_C t$
iff $s \sqsupseteq_C t$ and $t \sqsupseteq_C s$. Thinking of partial data terms as approximations of data,
$s \sqsupseteq_C t$ can be read as "$t$ approximates $s$". Note that the formulation of the rule
$C$-Inequation forbids using the axiom $\{x, x \mid zs\} \approx \{x \mid zs\}$ from Example 2.3(1) to
derive the inequality $\{\bot, \bot\} \sqsupseteq_C \{\bot\}$, which would have undesirable consequences
(see Example 4.4 in Sect. 4 below): since $x$ occurs twice in the left-hand side, the
substitution used must be safe for it, i.e. it must map $x$ to a total term.
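To make the scheme $[C]_{\sqsupseteq}$ and the role of the safety condition concrete, here is an added Python example (not part of the paper). It builds the instances of the two set axioms for a small, constructed set of candidate substitutions, filtering them with the safety condition of Definition 2.5, and then performs a bounded search for $s \sqsupseteq_C t$ in which (B) and (IN) are steps applied at any position (which is what (MN) permits), (RF) is the empty derivation and (TR) the chaining of steps. The candidate substitutions and the step bound are assumptions of the example, so a negative answer is only relative to them; the encoding of terms is also the example's own.

```python
# Added example, not part of the paper: the scheme [C]_⊒ of Definition 2.5
# for the two set axioms, and a bounded search for s ⊒_C t.  A str is a data
# variable, a tuple (constructor, *args) a constructor application.
from itertools import product

BOT = ('⊥',)                    # the bottom constant
EMPTY = ('{}',)                 # the empty set { }

def cons(x, xs):                # the set constructor {x | xs}
    return ('{|}', x, xs)

def set_term(*elems):
    t = EMPTY
    for e in reversed(elems):
        t = cons(e, t)
    return t

def is_var(t):
    return isinstance(t, str)

def is_total(t):
    """Total: no occurrence of ⊥ (variables count as total)."""
    return is_var(t) or (t != BOT and all(is_total(a) for a in t[1:]))

def occurrences(t, counts=None):
    """Number of occurrences of each data variable in t."""
    counts = {} if counts is None else counts
    if is_var(t):
        counts[t] = counts.get(t, 0) + 1
    else:
        for a in t[1:]:
            occurrences(a, counts)
    return counts

def apply_subst(t, sigma):
    if is_var(t):
        return sigma.get(t, t)
    return (t[0],) + tuple(apply_subst(a, sigma) for a in t[1:])

def safe_for(sigma, t):
    """σ_d is safe for t iff σ_d(x) is total for every x occurring more than once in t."""
    return all(is_total(sigma.get(x, x)) for x, n in occurrences(t).items() if n > 1)

def inequation_scheme(axioms, substitutions):
    """[C]_⊒ restricted to the given substitutions: sσ ⊒ tσ when σ is safe
    for s, and tσ' ⊒ sσ' when σ' is safe for t, for each s ≈ t in C."""
    pairs = set()
    for s, t in axioms:
        for sigma in substitutions:
            if safe_for(sigma, s):
                pairs.add((apply_subst(s, sigma), apply_subst(t, sigma)))
            if safe_for(sigma, t):
                pairs.add((apply_subst(t, sigma), apply_subst(s, sigma)))
    return pairs

def step(term, scheme):
    """One rule applied at some position: (B) replaces a subterm by ⊥, (IN)
    rewrites a subterm u to v for u ⊒ v in the scheme; recursing into the
    arguments is what (MN) allows."""
    if term != BOT:
        yield BOT
    for u, v in scheme:
        if term == u:
            yield v
    if not is_var(term):
        for i in range(1, len(term)):
            for r in step(term[i], scheme):
                yield term[:i] + (r,) + term[i + 1:]

def derivable(s, t, scheme, max_steps=6):
    """Bounded check of s ⊒_C t: (RF) is the zero-step case, (TR) the chaining
    of steps.  Negative answers are relative to the scheme and the bound."""
    frontier, seen = {s}, {s}
    for _ in range(max_steps):
        if t in seen:
            return True
        frontier = {u for w in frontier for u in step(w, scheme)} - seen
        seen = seen | frontier
    return t in seen

# The set axioms of Example 2.3(1); x, y, zs are data variables.
SET_AXIOMS = [
    (cons('x', cons('y', 'zs')), cons('y', cons('x', 'zs'))),   # permutation
    (cons('x', cons('x', 'zs')), cons('x', 'zs')),              # idempotence
]

# Constructed candidate substitutions (an assumption of this example): x and y
# range over ⊥ and the constant a, zs over ⊥ and { }.
A = ('a',)
CANDIDATES = [{'x': x, 'y': y, 'zs': zs}
              for x, y, zs in product([BOT, A], [BOT, A], [BOT, EMPTY])]
SCHEME = inequation_scheme(SET_AXIOMS, CANDIDATES)

def check(s, t):
    """s ⊒_C t over the set axioms, for the candidate substitutions above."""
    return derivable(s, t, SCHEME)

if __name__ == '__main__':
    print(check(set_term(A, A), set_term(A)))          # True:  {a, a} ⊒ {a}
    print(check(set_term(BOT, BOT), set_term(BOT)))    # False: x ↦ ⊥ is not safe
    print(check(set_term(BOT), set_term(BOT, BOT)))    # True:  {⊥} ⊒ {⊥, ⊥}
```

The second result is the point made above: the substitution mapping x to ⊥ is not safe for {x, x | zs}, so {⊥, ⊥} ⊒ {⊥} is not an instance of the scheme and no other rule produces it, whereas the linear right-hand side {x | zs} admits that substitution and yields {⊥} ⊒ {⊥, ⊥}.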

The next proposition states some simple properties of 3c and «c, which follow 
easily from the form of the inference rules in the inequational calculus. 
Proposition 2.6 (Properties of $\sqsupseteq_C$ and $\approx_C$)

Let $C$ be a finite set of equational axioms. Then:

(a) $\sqsupseteq_C$ is the least precongruence over $Term_{\Sigma_\bot}(DVar)$ that contains $[C]_{\sqsupseteq}$;

(b) $\approx_C$ is the least congruence over $Term_{\Sigma_\bot}(DVar)$ that contains $[C]_{\sqsupseteq}$;

(c) If $C$ is regular then for any $s, t \in Term_{\Sigma_\bot}(DVar)$: if $s \sqsupseteq_C t$ and $t$ is a total data
term, then $s$ is also a total data term and $s \approx_C t$. □

Note that (c) may fail for non-regular equational axioms. For example, if $C$ includes
the axiom $c(x) \approx d(y)$ and $t \in Term_\Sigma(DVar)$, then $c(\bot) \sqsupseteq_C d(t)$ although $c(\bot)$ is
not total: the substitution mapping $x$ to $\bot$ and $y$ to $t$ is safe for $c(x)$, since $x$ occurs
only once in it.



3 Defining Rules and Programs 

In this section we introduce ACRWL programs, and we present some simple programming examples to illustrate the expressiveness of our framework. An ACRWL program consists of some set $C$ of equational axioms for data constructors, together with constructor-based rewrite rules for defined functions. More precisely, assuming a principal type declaration $f : (\tau_1, \ldots, \tau_n) \to \tau \in FS$, a defining rule for $f$ must have the form:

\[ f(t_1, \ldots, t_n) \to r \Leftarrow a_1 == b_1, \ldots, a_m == b_m \]

where the $n$-tuple $(t_1, \ldots, t_n)$ is linear (i.e. without multiple occurrences of variables), $t_i \in Term_\Sigma(DVar)$, $1 \le i \le n$, and $a_j, b_j, r \in Expr_\Sigma(DVar)$, $1 \le j \le m$. Joinability conditions $a_j == b_j$ are intended to hold if and only if $a_j, b_j$ can be reduced to some common total data term $t \in Term_\Sigma(DVar)$, as in (?). A formal definition will be given below.

A defining rule is called regular if and only if all variables occurring in r occur 
also in the left-hand side. Extra variables in the conditions are allowed, as well as 
the unconditional case m = 0. 

Definition 3.1 (Programs)

A program is a triple $P = (\Sigma, C, R)$, where $\Sigma$ is a polymorphic signature, $C$ is a finite set of equational axioms for constructors in $\Sigma$, and $R$ is a finite set of defining rules for defined function symbols in $\Sigma$.

We will say that a program $P$ is strongly regular if and only if $C$ is strongly regular and all rules in $R$ are regular. □

Programs are intended to solve goals composed of joinability conditions; i.e. goals 
will have the same form as conditions for defining rules. Some of our subsequent 
results will refer to well-typed programs. Let us introduce this notion. 

Definition 3.2 (Well-typed strongly regular program)

• A joinability condition $e == e'$ is well-typed w.r.t. an environment $V$ iff $e, e' \in Expr^{\tau}_\Sigma(V)$, for some $\tau \in T_{TC}(TVar)$;

• A regular defining rule $f(t_1, \ldots, t_n) \to r \Leftarrow C$ for a defined function symbol $f : (\tau_1, \ldots, \tau_n) \to \tau$ is well-typed if there exists an environment $V$ such that $t_i \in Term^{\tau_i}_\Sigma(V)$, $1 \le i \le n$, $r \in Expr^{\tau}_\Sigma(V)$, and for all $e == e' \in C$, $e == e'$ is well-typed w.r.t. $V$;

• A strongly regular program $P = (\Sigma, C, R)$ is well-typed, if all equations in $C$ and all rules in $R$ are well-typed. □

Note that, according to the previous definition, the left-hand sides of rewrite rules in a well-typed program must conform to the principal type of the corresponding function symbol, rather than being a more particular instance. Therefore, given $append : (List(\alpha), List(\alpha)) \to List(\alpha)$, a defining rule such as $append([Zero \mid xs], ys) \to [Zero \mid append(xs, ys)]$ would be ill-typed, since the type of $[Zero \mid xs]$ is too particular ($List(Nat)$ instead of $List(\alpha)$). For technical convenience, we are assuming that the principal types of functions are declared as part of a program's signature. This assumption, however, is not essential in practice. Type reconstruction algorithms based on (?; ?) can be used to infer principal types for functions, going out from the declared principal types of data constructors and the rewrite rules in the program.

The expressive power of algebraic data constructors allows us to write short and clear ACRWL programs for many kinds of problems. We will now illustrate this by means of two examples, dealing with typical applications of the datatype multiset. The reader is also referred to (?) for more programming examples in the CRWL framework (with free data constructors), and to (?) for the general advantages of functional logic programming.



3.1 Planning Problems 

Planning problems are a particular case of action and change problems, where one 
is interested in finding actions that will transform a given initial situation into 
a final situation which satisfies some desired property. When attempting to solve 
action and change problems in classical predicate logic, one meets the so-called 
frame problem, roughly meaning that all the properties of a situation that are not 
affected by the application of an action, must be explicitly asserted within the logical 
formula which formalizes the effect of the action. This gives rise to a combinatorial 
explosion when trying to use automated deduction techniques (resolution, say) to 
solve action and change problems. 

It is known that various non-classical logics can be used to solve action and change problems declaratively, while avoiding the frame problem; see e.g. (?). One of the known approaches is based on the representation of situations as multisets of facts. Assuming such a representation, actions can be conveniently specified as multiset transformations. In general, an action will be applicable to those situations which include certain facts. The effect of the action will be to take away the facts which enable its application, and to add some other facts to the new situation. The frame problem is avoided, because the rest of the facts are carried along implicitly.

Following these ideas, Hölldobler and his group have developed an approach to planning based on equational logic programs (?; ?). In equational logic programming, programs consist of Horn clauses with algebraic data constructors, in addition to free data constructors. SLD resolution uses unification modulo the equational theory of the algebraic constructors present in the program. More precisely, for the case of planning problems, Hölldobler and his co-workers propose to use a binary associative-commutative constructor $\circ$ (written in infix notation) to represent situations as multisets of facts $fact_1 \circ \ldots \circ fact_n$, and a ternary predicate $execPlan(InitialSit, Plan, FinalSit)$ to model the transformation of an initial situation into a final situation by the execution of a plan.

In ACRWL we can follow the same idea using multisets of facts to represent situations, and a non-deterministic function $execPlan : (List(Action), Mset(Fact)) \to Mset(Fact)$ to represent the effect of plan execution. In general, when dealing with search problems, ACRWL gives the freedom to use either predicates or non-deterministic functions. As shown in (?), the use of non-deterministic functions can bring advantages, when combined with the effect of lazy evaluation.

As a concrete illustration, we will show a particular ACRWL program which 
solves a very simple planning problem, adapted from (?). More complicated plan- 
ning problems, as well as other kinds of action and change problems, could be 
treated analogously. 

Example 3.3 

The following typical blocksworld problem consists in finding a plan for transforming situation (A) into situation (B) (see figure below) by means of a robot's hand. The possible facts are:

• $O(b_1, b_2)$: block $b_1$ is over block $b_2$;

• $C(b)$: block $b$ is clear (i.e. there is no block over it);

• $T(b)$: block $b$ is over the table;

• $H(b)$: the robot's hand holds block $b$;

• $E$: the robot's hand is empty.

The available actions are $Pickup(b)$, $Unstack(b_1, b_2)$, $Putdown(b)$, $Stack(b_1, b_2)$. Their behaviour can be easily deduced from the definition of the function $execAction$ below.






[Figure: blocks $B_1$, $B_2$, $B_3$ in situation (A), the plan, and situation (B).]

The problem of finding a plan for transforming situation (A) into (B) can be described in our framework by means of the following simple program:

datatypes $Block/0$, $Fact/0$, $Action/0$, $Mset/1$, $List/1$

constructors

$B_1, B_2, B_3 : \to Block$

$C, T, H : Block \to Fact$

$O : (Block, Block) \to Fact$

$E : \to Fact$

$Pickup, Putdown : Block \to Action$

$Stack, Unstack : (Block, Block) \to Action$

$\{[\ ]\} : \to Mset(\alpha)$

$\{[\,\cdot \mid \cdot\,]\} : (\alpha, Mset(\alpha)) \to Mset(\alpha)$

$[\ ] : \to List(\alpha)$

$[\,\cdot \mid \cdot\,] : (\alpha, List(\alpha)) \to List(\alpha)$

equations

$\{[\,x, y \mid xs\,]\} \approx \{[\,y, x \mid xs\,]\}$

functions

$execPlan : (List(Action), Mset(Fact)) \to Mset(Fact)$

$execPlan([\ ], sit) \to sit$

$execPlan([act \mid ract], sit) \to execPlan(ract, execAction(act, sit))$

$execAction : (Action, Mset(Fact)) \to Mset(Fact)$

$execAction(Pickup(v), \{[\,C(v_1), T(v_2), E \mid facts\,]\}) \to \{[\,H(v) \mid facts\,]\} \Leftarrow v == v_1, v == v_2$

$execAction(Unstack(v, w), \{[\,C(v_1), O(v_2, w_1), E \mid facts\,]\}) \to \{[\,H(v), C(w) \mid facts\,]\} \Leftarrow v == v_1, v == v_2, w_1 == w$

$execAction(Putdown(v), \{[\,H(v_1) \mid facts\,]\}) \to \{[\,T(v), C(v), E \mid facts\,]\} \Leftarrow v == v_1$

$execAction(Stack(v, w), \{[\,H(v_1), C(w_1) \mid facts\,]\}) \to \{[\,O(v, w), C(v), E \mid facts\,]\} \Leftarrow v == v_1, w == w_1$

The appropriate goal for getting a plan solving the planning problem at hand is:

\[ execPlan(plan, \{[\,C(B_2), C(B_3), O(B_3, B_1), T(B_2), T(B_1), E\,]\}) == \{[\,C(B_1), O(B_1, B_2), O(B_2, B_3), T(B_3), E\,]\}. \]

The completeness result proved in Theorem 7.10 in Section 7 ensures that the answer:

\[ plan = [Unstack(B_3, B_1), Putdown(B_3), Pickup(B_2), Stack(B_2, B_3), Pickup(B_1), Stack(B_1, B_2)] \]

can be computed by the lazy narrowing calculus LNCEC presented in Section 6. Of course, other possible plans for solving the same planning problem can also be computed. However, in spite of the theoretical completeness result, LNCEC has many shortcomings from the viewpoint of practical computation. This will be discussed in later sections.
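The blocksworld program above, as an added Python example that is not part of the original paper: $execAction$ and $execPlan$ are modelled as multiset transformations (a `Counter` stands in for $Mset(Fact)$), and a breadth-first enumeration of the non-deterministic choices of $execPlan$ computes the plan stated in the text. The tuple encoding of facts and actions and the helper names are constructed here, not the paper's notation.

```python
from collections import Counter, deque

# Constructed encoding (not the paper's notation): a fact is a tuple such as
# ("O", "B3", "B1"), ("C", "B1"), ("T", "B1"), ("H", "B1") or ("E",);
# a situation is a multiset of facts, represented by a Counter (Mset(Fact)).
BLOCKS = ("B1", "B2", "B3")


def situation(*facts):
    return Counter(facts)


def exec_action(action, sit):
    """One step of execAction: remove the facts that enable the action and add
    its effects. Returns None when no rule applies (an enabling fact is missing)."""
    kind, *args = action
    if kind == "Pickup":        # Pickup(v): needs C(v), T(v), E; yields H(v)
        (v,) = args
        needed, added = [("C", v), ("T", v), ("E",)], [("H", v)]
    elif kind == "Unstack":     # Unstack(v, w): needs C(v), O(v, w), E; yields H(v), C(w)
        v, w = args
        needed, added = [("C", v), ("O", v, w), ("E",)], [("H", v), ("C", w)]
    elif kind == "Putdown":     # Putdown(v): needs H(v); yields T(v), C(v), E
        (v,) = args
        needed, added = [("H", v)], [("T", v), ("C", v), ("E",)]
    elif kind == "Stack":       # Stack(v, w): needs H(v), C(w); yields O(v, w), C(v), E
        v, w = args
        needed, added = [("H", v), ("C", w)], [("O", v, w), ("C", v), ("E",)]
    else:
        raise ValueError(f"unknown action {action!r}")
    # Matching the pattern {[f1, ..., fk | facts]} against a multiset: every
    # enabling fact must be present (with multiplicity); 'facts' is what remains.
    rest = Counter(sit)
    for fact in needed:
        if rest[fact] <= 0:
            return None
        rest[fact] -= 1
    rest.update(added)
    return +rest


def exec_plan(plan, sit):
    """execPlan([ ], sit) -> sit;
    execPlan([act | ract], sit) -> execPlan(ract, execAction(act, sit)).
    Returns None if some action of the plan is not applicable."""
    for act in plan:
        sit = exec_action(act, sit)
        if sit is None:
            return None
    return sit


def all_actions():
    acts = [(k, b) for b in BLOCKS for k in ("Pickup", "Putdown")]
    acts += [(k, b1, b2) for b1 in BLOCKS for b2 in BLOCKS if b1 != b2
             for k in ("Unstack", "Stack")]
    return acts


def canonical(sit):
    """Multiset identity: equal situations give equal sorted tuples of facts."""
    return tuple(sorted((+sit).elements()))


def find_plan(initial, final):
    """Enumerate the non-deterministic choices of execPlan breadth-first and
    return a shortest action list transforming initial into final (None if none)."""
    goal = canonical(final)
    queue = deque([(initial, [])])
    seen = {canonical(initial)}
    while queue:
        sit, plan = queue.popleft()
        if canonical(sit) == goal:
            return plan
        for act in all_actions():
            nxt = exec_action(act, sit)
            if nxt is not None and canonical(nxt) not in seen:
                seen.add(canonical(nxt))
                queue.append((nxt, plan + [act]))
    return None


# Situations (A) and (B) of the goal, and the plan given in the text.
SITUATION_A = situation(("C", "B2"), ("C", "B3"), ("O", "B3", "B1"),
                        ("T", "B2"), ("T", "B1"), ("E",))
SITUATION_B = situation(("C", "B1"), ("O", "B1", "B2"), ("O", "B2", "B3"),
                        ("T", "B3"), ("E",))
PAPER_PLAN = [("Unstack", "B3", "B1"), ("Putdown", "B3"), ("Pickup", "B2"),
              ("Stack", "B2", "B3"), ("Pickup", "B1"), ("Stack", "B1", "B2")]

if __name__ == "__main__":
    print(find_plan(SITUATION_A, SITUATION_B))
```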



3.2 The GAMMA Programming Model 

The General Abstract Model for Multiset Manipulation (GAMMA, for short) has been proposed by Banâtre and Le Métayer (?; ?), aiming at problem solving at a high level of abstraction. Two important motivations behind the GAMMA approach are to avoid unfortunate sequential biases during program design, and to facilitate the application of systematic program derivation methods.

The basic data structure in GAMMA is the multiset, which allows one to describe compound data without any form of constraint or hierarchy between its components. Other more conventional data structures can be encoded as multisets; see (?). A GAMMA computation proceeds as a series of transformations, carrying a multiset from some initial situation (representing the input) to some final situation (representing the output). More precisely, a GAMMA program is a set of pairs $(R, A)$ where $R$ (called reaction condition) is a boolean function of some given arity $n$, and $A$ (called action) is a function of the same arity $n$, returning a multiset. The behaviour of a GAMMA program as a multiset transformer is as follows: given a multiset $xs$, GAMMA looks for some $n$-tuple $\bar{x}$ of elements from $xs$ (ignoring the order, but not ignoring the repetitions), such that $R(\bar{x})$ holds for some pair $(R, A)$ in the program. If no such tuple can be found, the computation halts giving $xs$ as result. Otherwise, the components of $\bar{x}$ are removed from $xs$, the remaining elements are added to $A(\bar{x})$ (in the sense of multiset union), and the GAMMA transformation is iterated from the new multiset. The notation $T_P(xs)$ is used to indicate the final result obtained by iterating the GAMMA transformation w.r.t. program $P$ and starting with the multiset $xs$. In fact, $T_P$ is almost always a non-deterministic function (unless $P$ is a trivial program). Banâtre and Le Métayer assume that one of the possible results will be chosen, non-deterministically, at each GAMMA iteration³.

GAMMA is a quite powerful computation model. In particular, the approach to 
planning problems discussed in the previous subsection, can be understood as an 
instance of GAMMA computation. An interesting collection of GAMMA programs 
is presented in (?), showing a variety of programming styles. For example, in order 
to compute shortest paths between all pairs of vertices in a weighted directed graph, 
we can represent the graph as a multiset of edges. Assume that an edge of cost c 
going from the vertex u to the vertex v is encoded as (u, v, c). Then, (?) gives the 
following GAMMA program for solving the shortest path problem: 

\[ shortestPaths(graph) = T_P(graph) \ \text{ where} \]

\[ R((u, v, c), (u, w, d), (w, v, e)) = c > d + e \]

\[ A((u, v, c), (u, w, d), (w, v, e)) = \{(u, v, d + e), (u, w, d), (w, v, e)\} \]

The idea behind this program is simple: Each time one finds an edge in the 
graph whose cost is greater than the cost of a path of length 2 going through some 
intermediate node, the cost of the edge is rewritten to the smaller cost of the path. 
As soon as this local transformation cannot be applied any longer, the cost c of 
each edge (u, v, c) will be that of a path of minimal cost going from u to v in the 
original graph. 

Now, we will present an ACRWL program which can be viewed as a translation of the former GAMMA program. More generally, any GAMMA program $P$ could be translated into an ACRWL program based on the algebraic datatype multiset, whose rewrite rules would define the function $T_P$, as well as an auxiliary boolean function $irreducible_P$ which tests the GAMMA termination condition (namely, that no action-reaction pair $(R, A) \in P$ is applicable). Unfortunately, $irreducible_P$ tends to be complex and inefficient in most cases. After all, GAMMA is not intended as a programming language in the conventional sense, but rather as a convenient intermediate language between specifications and programs; see (?), pg. 108. For our particular example, we will use the more suggestive names $minimizePaths$ and $minimal$ in place of $T_P$ and $irreducible_P$, respectively.

³ They also assume that several action-reaction pairs $(R, A)$ could be performed simultaneously by a parallel implementation.

Example 3.4

We will use lists and multisets, as defined in Example 3.3, as well as boolean values, given by free constructors $True, False : \to Bool$. Moreover, we will assume the existence of the datatypes $Node$ and $Cost$, together with infix binary operations $+ : (Cost, Cost) \to Cost$ and $>, \neq, \le : (Cost, Cost) \to Bool$, intended to add and compare costs, respectively. In order to represent edges and graphs, we introduce the following data constructors:

$E : (Node, Node, Cost) \to Edge$

$G : Mset(Edge) \to Graph$

The function $minimizePaths$ is defined as follows:

$minimizePaths : Graph \to Graph$

$minimizePaths(G(\{[\,E(u, v, c), E(u_1, w, d), E(w_1, v_1, e) \mid rest\,]\})) \to G(\{[\,E(u, v, d + e), E(u_1, w, d), E(w_1, v_1, e) \mid rest\,]\}) \Leftarrow u == u_1, v == v_1, w == w_1, (c > d + e) == True$

$minimizePaths(graph) \to graph \Leftarrow minimal(graph) == True$

Now, we need to define a function $minimal$ which detects if a graph is irreducible, i.e., the first rule of $minimizePaths$ cannot be applied. The ACRWL definition for this function is the following:

$minimal : Graph \to Bool$

$minimal(G(graph)) \to irreducible(triples(graph))$

where the function $triples$ returns a list composed of all possible triples of edges coming from the graph, and the function $irreducible$ checks that none of them enables a GAMMA reaction. To represent a triple of edges, we use the following data constructor:

$T : (\alpha, \alpha, \alpha) \to Triple(\alpha)$

Next, the definition for $irreducible$ is the following:

$irreducible : List(Triple(Edge)) \to Bool$

$irreducible([\ ]) \to True$

$irreducible([T(e, e_1, e_2) \mid rest]) \to True \Leftarrow reaction(e, e_1, e_2) == False, irreducible(rest) == True$

where the function $reaction$ is defined as follows:

$reaction : (Edge, Edge, Edge) \to Bool$

$reaction(E(u, v, c), E(u_1, w, d), E(w_1, v_1, e)) \to False \Leftarrow (u \neq u_1 \vee v \neq v_1 \vee w \neq w_1 \vee c \le d + e) == True$

Note that "$\vee$" represents the boolean disjunction defined as usual. Finally, let us see the definition of function $triples$.

$triples : Mset(\alpha) \to List(Triple(\alpha))$

$triples(\{[\ ]\}) \to [\ ]$

$triples(\{[\,x \mid xs\,]\}) \to triples1(x, xs) \mathbin{+\!\!+} triples(xs)$

$triples1 : (\alpha, Mset(\alpha)) \to List(Triple(\alpha))$

$triples1(x, \{[\ ]\}) \to [\ ]$

$triples1(x, \{[\,y \mid ys\,]\}) \to triples2(x, y, ys) \mathbin{+\!\!+} triples1(x, ys)$

$triples2 : (\alpha, \alpha, Mset(\alpha)) \to List(Triple(\alpha))$

$triples2(x, y, \{[\ ]\}) \to [\ ]$

$triples2(x, y, \{[\,z \mid zs\,]\}) \to [T(x, y, z), T(x, z, y), T(y, x, z), T(y, z, x), T(z, x, y), T(z, y, x) \mid triples2(x, y, zs)]$

where $+\!\!+$ is the concatenation of lists, which is easy to define in ACRWL. ■
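The GAMMA model of Sect. 3.2 and its shortest-path instance, including the $minimal$/$triples$ termination test, as an added Python example that is not the paper's own code: a small GAMMA interpreter iterates $T_P$ to a fixpoint, `ordered_tuples` generalizes $triples$ to any arity, and `irreducible` plays the role of $irreducible_P$. The `(arity, R, A)` encoding of a program, the tuple encoding of edges and the sample graph are constructed assumptions.

```python
from collections import Counter
from itertools import permutations

# Constructed encoding (not the paper's notation): a GAMMA program is a list of
# (arity, R, A) entries; multisets are Counters; edges are (u, v, cost) tuples.


def ordered_tuples(ms, n):
    """All ordered n-tuples of distinct occurrences in the multiset ms. This is
    the general form of the paper's 'triples' (n = 3): order is ignored,
    repetitions are not, so a value occurring twice can be picked twice."""
    elems = list(ms.elements())
    return [tuple(elems[i] for i in idx)
            for idx in permutations(range(len(elems)), n)]


def find_reaction(program, ms):
    """Return (chosen tuple, A(tuple)) for the first pair (R, A) whose reaction
    condition R holds on some tuple of ms, or None when ms is irreducible."""
    for arity, react, act in program:
        for xs in ordered_tuples(ms, arity):
            if react(*xs):
                return xs, act(*xs)
    return None


def irreducible(program, ms):
    """The GAMMA termination test ('minimal' in the shortest-path example)."""
    return find_reaction(program, ms) is None


def gamma(program, ms, max_steps=100_000):
    """T_P(ms): remove the chosen tuple, add A(tuple) by multiset union and
    iterate until no reaction applies. Taking the first applicable reaction is
    one of the non-deterministic choices GAMMA allows."""
    ms = Counter(ms)
    for _ in range(max_steps):
        hit = find_reaction(program, ms)
        if hit is None:
            return +ms          # drop zero counts
        xs, produced = hit
        for x in xs:
            ms[x] -= 1
        ms.update(produced)
    raise RuntimeError("GAMMA program did not terminate within max_steps")


def sp_reaction(e1, e2, e3):
    """R((u, v, c), (u, w, d), (w, v, e)) = c > d + e; the shared vertices of
    the pattern are checked explicitly."""
    (u, v, c), (u1, w, d), (w1, v1, e) = e1, e2, e3
    return u == u1 and v == v1 and w == w1 and c > d + e


def sp_action(e1, e2, e3):
    """A((u, v, c), (u, w, d), (w, v, e)) = {(u, v, d + e), (u, w, d), (w, v, e)}."""
    (u, v, _c), (u1, w, d), (w1, v1, e) = e1, e2, e3
    return [(u, v, d + e), (u1, w, d), (w1, v1, e)]


SHORTEST_PATHS = [(3, sp_reaction, sp_action)]


def shortest_paths(graph):
    """minimizePaths: the shortest-path GAMMA program run to its fixpoint."""
    return gamma(SHORTEST_PATHS, graph)


# Constructed sample graph: three edges cost more than some two-edge path.
SAMPLE_GRAPH = Counter([("a", "b", 1), ("b", "c", 1), ("a", "c", 5),
                        ("c", "d", 1), ("a", "d", 10), ("b", "d", 7)])

if __name__ == "__main__":
    print(sorted(shortest_paths(SAMPLE_GRAPH).elements()))
```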



4 Rewriting Calculi 

In this section we present two constructor-based rewriting calculi, named Basic Rewriting Calculus (BRC) and Goal-Oriented Rewriting Calculus (GORC) respectively, which are intended as a proof-theoretical specification of programs' semantics. Although both rewriting calculi will be proved equivalent in Theorem 4.3, we have preferred to present both of them. The reason is that BRC is closer to the intuition, while the goal-oriented format of the GORC-like calculus is useful as a basis for designing the lazy narrowing calculus described in Section 6.

As in (?), our calculi are designed to derive two kinds of statements: reduction statements $e \to e'$, intended to mean that $e$ can be reduced to $e'$, and joinability statements $e == e'$, intended to mean that $e$ and $e'$ can be reduced to some common total data term. Reduction statements of the form $e \to t$, where $t$ is a possibly partial data term, will be called approximation statements.

Definition 4.1 (Rewriting calculi)

For a given program $P = (\Sigma, C, R)$:

• The basic rewriting calculus (BRC) is defined as follows:

\[
\text{(B) Bottom: } \frac{}{e \to \bot}
\qquad
\text{(RF) Reflexivity: } \frac{}{e \to e}
\qquad
\text{(TR) Transitivity: } \frac{e \to e',\ e' \to e''}{e \to e''}
\]

\[
\text{(MN) Monotonicity: } \frac{e_1 \to e'_1,\ \ldots,\ e_n \to e'_n}{h(e_1, \ldots, e_n) \to h(e'_1, \ldots, e'_n)} \ \text{ if } h \in DC^n \cup FS^n
\]

\[
\text{(R) $R$-Reduction: } \frac{C}{l \to r} \ \text{ if } l \to r \Leftarrow C \in [R]_\bot
\qquad
\text{(MUT) $C$-Mutation: } \frac{}{s \to t} \ \text{ if } s \sqsupseteq t \in [C]_{\sqsupseteq}
\]

\[
\text{(J) Join: } \frac{e \to t,\ e' \to t}{e == e'} \ \text{ if } t \in Term_\Sigma(DVar) \text{ is a total data term}
\]

where $e, e', e'', h(e_1, \ldots, e_n), h(e'_1, \ldots, e'_n) \in Expr_{\Sigma\bot}(DVar)$, $[C]_{\sqsupseteq}$ has been specified in Definition 2.5 and $[R]_\bot =_{Def} \{\, (l \to r \Leftarrow C)\sigma_d \mid l \to r \Leftarrow C \in R,\ \sigma_d \in DSub_\bot \,\}$.

• The goal-oriented rewriting calculus (GORC) is defined as follows:

\[
\text{(B) Bottom: } \frac{}{e \to \bot}
\qquad
\text{(RR) Restricted Reflexivity: } \frac{}{x \to x} \ \text{ if } x \in DVar
\]

\[
\text{(DC) Decomposition: } \frac{e_1 \to t_1,\ \ldots,\ e_n \to t_n}{c(e_1, \ldots, e_n) \to c(t_1, \ldots, t_n)} \ \text{ if } c \in DC^n
\]

\[
\text{(OMUT) Outer $C$-Mutation: } \frac{e_1 \to t_1,\ \ldots,\ e_n \to t_n,\ s \to t}{c(e_1, \ldots, e_n) \to t} \ \text{ if } t \neq \bot,\ c(t_1, \ldots, t_n) \sqsupseteq s \in [C]_{\sqsupseteq}
\]

\[
\text{(OR) Outer $R$-Reduction: } \frac{e_1 \to t_1,\ \ldots,\ e_n \to t_n,\ C,\ r \to t}{f(e_1, \ldots, e_n) \to t} \ \text{ if } t \neq \bot,\ f(t_1, \ldots, t_n) \to r \Leftarrow C \in [R]_\bot
\]

\[
\text{(J) Join: } \frac{e \to t',\ e' \to t'}{e == e'} \ \text{ if } t' \in Term_\Sigma(DVar) \text{ is a total data term}
\]

where $e, e', c(e_1, \ldots, e_n), f(e_1, \ldots, e_n) \in Expr_{\Sigma\bot}(DVar)$, $x \in DVar$, and $t, c(t_1, \ldots, t_n) \in Term_{\Sigma\bot}(DVar)$. □

Note that the construction of $[R]_\bot$ does not require $\sigma_d$ to be safe for $l$, in contrast to the construction of $[C]_{\sqsupseteq}$ in the inequational calculus. This is because $l$ is known to be linear.

As in (?), neither of the two calculi specifies rewriting in the usual sense. The main reason is the presence of rule (B) and the formulation of rules (R) (respect. (OR)) and (MUT) (respect. (OMUT)). The need for the rule (B) is because of non-strict (also called lazy) functions, and shows that $e \to t$ is intended to mean "$t$ approximates $e$". The construction of $[R]_\bot$ and $[C]_{\sqsupseteq}$ reflects the "call-time choice" treatment of non-determinism. Our motivation to adopt these ideas has been explained in the Introduction. As we will see in Section 6 (in particular, in Example 6.2), our goal solving calculus incorporates sharing in order to ensure a sound realization of call-time choice.

As the main novelty w.r.t. (?), we find the mutation rules (MUT) (respect. (OMUT)) to deal with equations between constructors. Note that the use of such mutation rules can cause cycles. This is easy to see for the multiset equation $\{[\,x, y \mid zs\,]\} \approx \{[\,y, x \mid zs\,]\}$. From a theoretical point of view, this inconvenience can be avoided by rewriting with equivalence classes instead of terms and eliminating the mutation rules. However, we have preferred the current presentation of the rewriting calculi since it enables (as shown in Lemma [QJ) a very intuitive completeness proof for the lazy narrowing calculus in Section 6. Unfortunately, the presence of cycles in lazy narrowing derivations is also possible and quite hard to avoid in a general framework, where arbitrary algebraic data constructors are allowed.

Finally, we can also establish several differences between our rewriting calculi and another well-known approach to rewriting as logical deduction, namely Meseguer's Rewriting Logic (?), which has been used as a basis for computation systems and languages such as Maude (?; ?; ?), Elan (?; ?) and CafeOBJ (?). As an analogy between (?) and the calculi BRC and GORC, we have that in (?) rewriting is performed modulo a set of equations (as for instance, associativity and/or commutativity), which allow one to establish term equivalences. As the main difference, note that our rewriting calculi allow one to model expression evaluation in a language based on constructors, which includes non-strict functions (possibly non-deterministic). Thus, BRC and GORC can serve as a basis for declarative programming languages based on lazy evaluation. On the contrary, the logic described in (?) was originally proposed as a semantic framework for the specification of concurrent languages and systems, and as a framework in which to be able to specify other logics. Hence, (?) is not constructor-based and lacks the rule (B). Finally, as we have commented before, we only consider instances over partial data terms as shown by the construction of the sets $[C]_{\sqsupseteq}$ and $[R]_\bot$ (i.e., we adopt a "call-time choice" view), whereas in (?) arbitrary instances are allowed (i.e., a "run-time choice" view is adopted). As shown in (?), call-time choice is a good option from the programming viewpoint.

Remark that GORC means Goal-Oriented Rewriting Calculus. Such a name has been inherited from (?), where goal-oriented proofs have the property that the outermost syntactic structure of the statement to be proved determines the inference rule which must be applied at the last proof step; in this way, the structure of the proof is determined by the structure of the goal. In our case, proofs derived by using the rewriting calculus GORC are not totally goal-oriented due to the presence of algebraic constructors. More concretely, an approximation statement of the form $c(\bar{e}_n) \to t$, where $c$ is an algebraic data constructor, presents two alternatives given by rules (DC) and (OMUT). However, we have preferred to maintain the name of goal-oriented because GORC is really goal-oriented when algebraic data constructors are absent. Let us see a simple example:

Example 4.2

Consider the program rules $select(\{[\,x \mid xs\,]\}) \to x$ and $f \to \{[\,Zero \mid f\,]\}$, where $\{[\,\cdot \mid \cdot\,]\}$ is the multiset constructor defined in Example 2.3 (1). Consider the approximation statement $\varphi = select(f) \to Zero$. Now, let us look for a GORC-proof for $\varphi$.

It is clear that the only GORC-rule applicable to $\varphi$ is (OR). Let us choose the instance of $select$ given by the rewriting rule $select(\{[\,Zero \mid \bot\,]\}) \to Zero$. Then we need to prove $\varphi_1 = f \to \{[\,Zero \mid \bot\,]\}$ and $\varphi_2 = Zero \to Zero$. $\varphi_2$ can be proved uniquely by rule (DC), whereas $\varphi_1$ necessarily requires an application of (OR), i.e., we need to prove that $\varphi_3 = \{[\,Zero \mid f\,]\} \to \{[\,Zero \mid \bot\,]\}$. Up to this point, the proof has been clearly goal-oriented. Now, $\varphi_3$ can be proved by using either (DC) or (OMUT). Applying (DC), we would need to prove the approximation statements $Zero \to Zero$ and $f \to \bot$, which are trivially true by rules (DC) and (B) respectively. If we apply (OMUT) we can also get a proof but with more inference steps. To this end, it is enough to take the following instance of the commutativity equational axiom for multisets: $\{[\,Zero, Zero \mid \bot\,]\} \sqsupseteq \{[\,Zero, Zero \mid \bot\,]\}$. ■

The next result ensures that both calculi are essentially equivalent. Moreover, they are compatible with the inequational calculus presented in Sect. 2. The complete proof can be found in Appendix B.

Theorem 4.3 (Calculi equivalence)

Let $P = (\Sigma, C, R)$ be a program.

(a) For strongly regular $C$, $e, e' \in Expr_{\Sigma\bot}(DVar)$ and $t \in Term_{\Sigma\bot}(DVar)$: $e \to t$ (respect. $e == e'$) is derivable in GORC if and only if $e \to t$ (respect. $e == e'$) is derivable in BRC;

(b) For any $t, t' \in Term_{\Sigma\bot}(DVar)$, $t \sqsupseteq_C t'$ if and only if $t \to t'$ is derivable in BRC;

(c) If $C$ is regular, then for any $s, t \in Term_{\Sigma\bot}(DVar)$, $s == t$ is derivable in BRC if and only if $s \approx_C t$ and $s, t$ are total data terms. □

In the rest of the paper, when we write $e \to_P t$ (respect. $e ==_P e'$) we mean that $e \to t$ (respect. $e == e'$) is derivable from program $P$ in BRC or GORC.

At this point, we can give an example that justifies why we require left-linear defining rules and safe data substitutions for the construction of $[C]_{\sqsupseteq}$ in the inequational calculus.

Example 4.4

Let $P$ be the program obtained by extending Example 2.3 (1) with the following type declarations and defining rules for functions:

$eq : (\alpha, \alpha) \to Bool$ \qquad $unit, duo : Set(\alpha) \to Bool$ \qquad $om : \to \alpha$

$eq(x, x) \to True$ \qquad $unit(\{x\}) \to True$ \qquad $om \to om$

$duo(\{x, y\}) \to True$

Note that the defining rule for $eq$ is not left-linear and thus illegal. If it were allowed, we would obtain $eq(e, e') \to_P True$ for arbitrary $e, e' \in Expr_{\Sigma\bot}(DVar)$ (by using $e \to_P \bot$, $e' \to_P \bot$ and $eq(\bot, \bot) \to_P True$).

On the other hand, if we would define $\sqsupseteq_C$ in such a way that $\{\bot, \bot\} \sqsupseteq_C \{\bot\}$ could be derived as an instance of the equation $\{x, x \mid zs\} \approx \{x \mid zs\}$, we could use $True \to_P \bot$, $False \to_P \bot$ and $unit(\{\bot\}) \to_P True$ for obtaining $unit(\{True, False\}) \to_P True$, which is not expected as a reasonable consequence of $unit$'s defining rule.

Finally, note that the inequational calculus permits $\{\bot\} \sqsupseteq_C \{\bot, \bot\}$. We can combine this with $om \to_P \bot$ and $duo(\{\bot, \bot\}) \to_P True$ to obtain $duo(\{om\}) \to_P True$, which does not contradict our intuitive understanding of the program. ■

To conclude this section, we give a type preservation result. We need some auxiliary lemmas and notation. Let $V$ be an environment, $\{x_1, \ldots, x_m\}$ a set of data variables and $\tau_1, \ldots, \tau_m \in T_{TC}(TVar)$. $V[x_1 : \tau_1, \ldots, x_m : \tau_m]$ denotes the environment verifying the following conditions:

• for all $x_i$, $1 \le i \le m$, $x_i : \tau_i \in V[x_1 : \tau_1, \ldots, x_m : \tau_m]$;

• for all $x \in DVar$ such that $x \notin \{x_1, \ldots, x_m\}$, $x : \tau \in V[x_1 : \tau_1, \ldots, x_m : \tau_m]$ if and only if $x : \tau \in V$.

Given $\sigma_t \in TSub$, we will write $V\sigma_t$ to denote the environment $\{x : \tau\sigma_t \mid x : \tau \in V\}$. Finally, given $X \subseteq DVar$ and two environments $V$ and $V'$, the notation $V = V'[X]$ will mean that for all $x \in X$, $x : \tau \in V$ if and only if $x : \tau \in V'$.

Next, we present four lemmas that can be easily proved by structural induction. 

Lemma 4.5

Let $V$ be an environment and $e \in Expr_{\Sigma\bot}(DVar)$. If $e$ has type $\tau$ in $V$, i.e., $e \in Expr^{\tau}_{\Sigma\bot}(V)$, then $e$ has type $\tau\sigma_t$ in $V\sigma_t$, i.e., $e \in Expr^{\tau\sigma_t}_{\Sigma\bot}(V\sigma_t)$, for all $\sigma_t \in TSub$. □

Lemma 4.6

Let $V, V_0$ be two environments and $\sigma_t \in TSub$. For all $e \in Expr_{\Sigma\bot}(DVar)$ such that all function symbols occurring in $e$ have a transparent principal type: If $e \in Expr^{\tau}_{\Sigma\bot}(V_0) \cap Expr^{\tau\sigma_t}_{\Sigma\bot}(V)$, then $V = V_0\sigma_t[dvar(e)]$. □

Lemma 4.7

Consider $e \in Expr_{\Sigma\bot}(DVar)$ and $\sigma_d \in DSub_\bot$ such that $\{x_1, \ldots, x_m\} = \{x \in dvar(e) \mid x\sigma_d \neq x\}$ and $x_i\sigma_d = t_i$, $1 \le i \le m$. Let $V$ be an environment such that $t_i \in Term^{\tau'_i}_{\Sigma\bot}(V)$, $1 \le i \le m$, and $V[x_1 : \tau'_1, \ldots, x_m : \tau'_m] \vdash_\Sigma e : \tau'$. Then $e\sigma_d \in Expr^{\tau'}_{\Sigma\bot}(V)$. □

Lemma 4.8

Consider $e \in Expr_{\Sigma\bot}(DVar)$ and $\sigma_d \in DSub_\bot$ such that $\{x_1, \ldots, x_m\} = \{x \in dvar(e) \mid x\sigma_d \neq x\}$ and $x_i\sigma_d = t_i$, $1 \le i \le m$. Assume that $x_i$, $1 \le i \le m$, occurs at most once in $e$. Let $V$ be an environment such that $e\sigma_d \in Expr^{\tau'}_{\Sigma\bot}(V)$. Then, there exist $\tau'_i \in T_{TC}(TVar)$, $1 \le i \le m$, such that $t_i \in Term^{\tau'_i}_{\Sigma\bot}(V)$ and $V[x_1 : \tau'_1, \ldots, x_m : \tau'_m] \vdash_\Sigma e : \tau'$. □

The following two lemmas establish that the well-typedness of program rules and 
equational axioms is preserved by type instances. 
Lemma 4.9 (Type preservation by type instances)

(a) Let $f(t_1, \ldots, t_n) \to r \Leftarrow C$ be a well-typed and regular program rule with principal type $f : (\tau_1, \ldots, \tau_n) \to \tau \in FS$. Let $V$ and $\sigma_t$ be an environment and a type substitution respectively, such that $t_i \in Term^{\tau_i\sigma_t}_\Sigma(V)$, $1 \le i \le n$. Then $r \in Expr^{\tau\sigma_t}_\Sigma(V)$.

(b) Let $c(t_1, \ldots, t_n) \approx d(s_1, \ldots, s_m)$ be a well-typed regular equation such that $c$ and $d$ have principal types $c : (\tau_1, \ldots, \tau_n) \to \tau$, $d : (\tau'_1, \ldots, \tau'_m) \to \tau \in DC$ (up to variants). Let $V$ be an environment and $\sigma_t \in TSub$ such that $t_i \in Term^{\tau_i\sigma_t}_\Sigma(V)$, $1 \le i \le n$. Then $d(s_1, \ldots, s_m) \in Term^{\tau\sigma_t}_\Sigma(V)$. □

Proof

(a) (respect. (b)) follows from the well-typedness of $f(t_1, \ldots, t_n) \to r \Leftarrow C$ (respect. $c(t_1, \ldots, t_n) \approx d(s_1, \ldots, s_m)$), Lemmas 4.6 and 4.5 and $dvar(r) \subseteq \bigcup_{i=1}^{n} dvar(t_i)$ (respect. $dvar(c(t_1, \ldots, t_n)) = dvar(d(s_1, \ldots, s_m))$). □

The next lemma extends the previous one, and ensures that well-typedness is not only preserved by type instantiation but also by well-typed data instantiation. The complete proof can be found in Appendix B.

Lemma 4.10 (Type preservation by instances)

(a) Let $f(t_1, \ldots, t_n) \to r \Leftarrow C$ be a well-typed and regular defining rule with principal type $f : (\tau_1, \ldots, \tau_n) \to \tau \in FS$. Let $V$ and $\sigma = (\sigma_t, \sigma_d)$ be an environment and a substitution, respectively. If $t_i\sigma_d \in Term^{\tau_i\sigma_t}_{\Sigma\bot}(V)$, $1 \le i \le n$, then $r\sigma_d \in Expr^{\tau\sigma_t}_{\Sigma\bot}(V)$.

(b) Let $c(t_1, \ldots, t_n) \approx d(s_1, \ldots, s_m)$ be a well-typed regular axiom such that $c$ and $d$ have principal types $c : (\tau_1, \ldots, \tau_n) \to \tau$, $d : (\tau'_1, \ldots, \tau'_m) \to \tau \in DC$ (up to variants). Let $V$ and $\sigma = (\sigma_t, \sigma_d)$ be an environment and a substitution, respectively. If $t_i\sigma_d \in Term^{\tau_i\sigma_t}_{\Sigma\bot}(V)$, $1 \le i \le n$, then $d(s_1, \ldots, s_m)\sigma_d \in Term^{\tau\sigma_t}_{\Sigma\bot}(V)$. □

Finally, here we have the theorem which ensures the type preservation result we were looking for.

Theorem 4.11 (Type preservation)

Let $P = (\Sigma, C, R)$ be a well-typed strongly regular program. Let $V$ be an environment. If $e \to_P e'$ and $e \in Expr^{\tau}_{\Sigma\bot}(V)$ then $e' \in Expr^{\tau}_{\Sigma\bot}(V)$, for all $\tau \in T_{TC}(TVar)$. □

Proof

The proof proceeds by induction on the structure of the BRC derivation associated to $e \to_P e'$. We analyze the last inference rule applied in such a proof. For rules (B) and (RF) the result is trivial. For rules (TR) and (MN) it is enough to apply the induction hypothesis. It remains to prove rules (MUT) and (R).

(MUT). Then $e = c(t_1, \ldots, t_n)\sigma_d$, $e' = d(s_1, \ldots, s_m)\sigma_d$ and $e \sqsupseteq e' \in [C]_{\sqsupseteq}$, for some data substitution $\sigma_d \in DSub_\bot$ being safe for $c(t_1, \ldots, t_n)$. Suppose that $c : (\tau'_1, \ldots, \tau'_n) \to \tau'$, $d : (\tau''_1, \ldots, \tau''_m) \to \tau' \in DC$ (up to renaming). Since $e \in Term^{\tau}_{\Sigma\bot}(V)$, then there exists $\sigma_t \in TSub$ such that $\tau = \tau'\sigma_t$ and $t_i\sigma_d \in Term^{\tau'_i\sigma_t}_{\Sigma\bot}(V)$, $1 \le i \le n$. From Lemma 4.10 (b), it holds, for the substitution $(\sigma_t, \sigma_d)$, that $d(s_1, \ldots, s_m)\sigma_d \in Term^{\tau'\sigma_t}_{\Sigma\bot}(V)$.

(R). Then $e = f(t_1, \ldots, t_n)\sigma_d$, $e' = e''\sigma_d$ and $f(t_1, \ldots, t_n)\sigma_d \to e''\sigma_d \Leftarrow C\sigma_d \in [R]_\bot$ for some data substitution $\sigma_d \in DSub_\bot$. Suppose that $f : (\tau'_1, \ldots, \tau'_n) \to \tau' \in FS$. Since $e \in Term^{\tau}_{\Sigma\bot}(V)$, then there exists $\sigma_t \in TSub$ such that $\tau = \tau'\sigma_t$ and $t_i\sigma_d \in Term^{\tau'_i\sigma_t}_{\Sigma\bot}(V)$, $1 \le i \le n$. From Lemma 4.10 (a), it holds, for the substitution $(\sigma_t, \sigma_d)$, that $e''\sigma_d \in Expr^{\tau'\sigma_t}_{\Sigma\bot}(V)$. □

Note that this type preservation theorem holds neither for non-regular axioms nor for collapsing regular axioms, as the following example shows.

Example 4.12

Let us consider the signature $\Sigma$ from Example 2.3 (1) and the empty environment $V$. Assuming the non-regular axiom $Suc(x) \approx Suc(y)$, we obtain $Suc(Zero) \to_P Suc(True)$, where $Suc(Zero) \in Term^{Nat}_\Sigma(V)$ but $Suc(True) \notin Term^{Nat}_\Sigma(V)$. Taking the collapsing regular axiom $x \approx Suc(x)$, we get $True \to_P Suc(True)$, where $True \in Term^{Bool}_\Sigma(V)$ but $Suc(True) \notin Term^{Bool}_\Sigma(V)$. ■



5 Model-theoretic Semantics

In this section we present a model-theoretic semantics, showing also its relation to the rewriting calculi from Section 4. First, we recall some basic notions from the theory of semantic domains (?; ?).

A poset with bottom $\perp$ is any set $S$ partially ordered by $\sqsubseteq$, with least element $\perp$. $Def(S)$ denotes the set of all maximal elements $u \in S$, also called totally defined. Assume $X \subseteq S$. $X$ is a directed set iff for all $u, v \in X$ there exists $w \in X$ s.t. $u, v \sqsubseteq w$. $X$ is a cone iff $\perp \in X$ and $X$ is downwards closed w.r.t. $\sqsubseteq$. $X$ is an ideal iff $X$ is a directed cone. We write $\mathcal{C}(S)$ and $\mathcal{I}(S)$ for the sets of cones and ideals of $S$, respectively. $\mathcal{I}(S)$ ordered by set inclusion $\subseteq$ is a poset with bottom $\{\perp\}$, called the ideal completion of $S$. Mapping each $u \in S$ into the principal ideal $\langle u \rangle = \{v \in S \mid v \sqsubseteq u\}$ gives an order preserving embedding.

A poset $C$ with bottom is a complete partial order (in short, cpo) iff $C$ has a least upper bound $\bigsqcup D$ (also called limit) for every directed set $D \subseteq C$. An element $u \in C$ is called finite if and only if whenever $u \sqsubseteq \bigsqcup D$ for a non-empty directed $D$, there exists $x \in D$ such that $u \sqsubseteq x$. It is known that, for any poset with bottom $S$, $\mathcal{I}(S)$ is the least cpo containing $S$. Moreover, $\mathcal{I}(S)$ is an algebraic cpo whose finite elements correspond to the principal ideals $\langle x \rangle$, $x \in S$; see for instance (?). In particular, elements $x \in Def(S)$ generate finite and total elements $\langle x \rangle$ in the ideal completion.

As in (?), we will use posets instead of algebraic cpo's. Such posets will provide only finite semantic values. The ideal completion of $S$ might supply the missing infinite values, but in fact finite values are enough for describing the semantics of our programs. To represent non-deterministic lazy functions, we use models with posets as carriers, interpreting function symbols as monotonic mappings from elements to cones. For given posets $D$ and $E$, we define the set of all non-deterministic functions from $D$ to $E$ as

$[D \to_{nd} E] = \{ f : D \to \mathcal{C}(E) \mid \forall u, u' \in D : (u \sqsubseteq_D u' \Rightarrow f(u) \subseteq f(u')) \}$

and the set of all deterministic functions from $D$ to $E$ as

$[D \to_d E] = \{ f \in [D \to_{nd} E] \mid \forall u \in D : f(u) \in \mathcal{I}(E) \}$

When given some fixed arguments, a deterministic function $f$ will return a directed set of partial values. Hence, after performing an ideal completion, deterministic functions become continuous mappings between algebraic cpos. On the other hand, a non-deterministic function $f$ returns cones, which are the same as elements of Hoare's powerdomain (?; ?). Therefore, after performing an ideal completion, non-deterministic functions become continuous functions taking values in a powerdomain.

Moreover, any non-deterministic function $f$ can be extended to a monotonic mapping $f^* : \mathcal{C}(D) \to \mathcal{C}(E)$ defined as $f^*(C) = \bigcup_{c \in C} f(c)$. Abusing notation, we will identify $f$ with its extension $f^*$ in the sequel.

We are now prepared to introduce our algebras, combining ideas from (?; ?). 

Definition 5.1 (Polymorphically typed algebras)

Let $\Sigma$ be a polymorphic signature. A Polymorphically Typed algebra (PT-algebra) $\mathcal{A}$ has the following structure:

$\mathcal{A} = (D^{\mathcal{A}}, T^{\mathcal{A}}, :^{\mathcal{A}}, \{K^{\mathcal{A}}\}_{K \in TC}, \{c^{\mathcal{A}}\}_{c \in DC}, \{f^{\mathcal{A}}\}_{f \in FS})$

where:

(1) $D^{\mathcal{A}}$ (data universe) is a poset with partial order $\sqsubseteq^{\mathcal{A}}$ and bottom element $\perp^{\mathcal{A}}$, and $T^{\mathcal{A}}$ (type universe) is a set;

(2) $:^{\mathcal{A}} \subseteq D^{\mathcal{A}} \times T^{\mathcal{A}}$ is a binary relation such that for all $\ell \in T^{\mathcal{A}}$, the extension of $\ell$ in $\mathcal{A}$, defined as $\mathcal{E}^{\mathcal{A}}(\ell) = \{u \in D^{\mathcal{A}} \mid u :^{\mathcal{A}} \ell\}$, is a cone in $D^{\mathcal{A}}$;

(3) for each $K \in TC^n$, $K^{\mathcal{A}} : (T^{\mathcal{A}})^n \to T^{\mathcal{A}}$ (simply $K^{\mathcal{A}} \in T^{\mathcal{A}}$ if $n = 0$);

(4) for all $c : (\tau_1, \ldots, \tau_n) \to \tau \in DC_\perp$, $c^{\mathcal{A}} \in [(D^{\mathcal{A}})^n \to_d D^{\mathcal{A}}]$ satisfies: for all $u_1, \ldots, u_n \in D^{\mathcal{A}}$, there exists $v \in D^{\mathcal{A}}$ such that $c^{\mathcal{A}}(u_1, \ldots, u_n) = \langle v \rangle$. Moreover, if $u_1, \ldots, u_n \in Def(D^{\mathcal{A}})$ then $v \in Def(D^{\mathcal{A}})$;

(5) for all $f : (\tau'_1, \ldots, \tau'_m) \to \tau' \in FS$, $f^{\mathcal{A}} \in [(D^{\mathcal{A}})^m \to_{nd} D^{\mathcal{A}}]$. □

Some comments may help to understand this definition. Items (4) and (5) mean that constructors and function symbols are interpreted as continuous operations (when moving to the ideal completion). Moreover, item (4) requires that data constructors are interpreted as deterministic operations which preserve finite and total elements in the ideal completion. As in (?), $:^{\mathcal{A}}$ represents the membership relation between data and types. Item (2) requires the extensions of types to be cones, which is a natural condition. In particular, $\perp^{\mathcal{A}}$ must belong to all types, which is consistent with $\perp$'s principal type declaration $\perp : \to \alpha$.

In order to interpret expressions in an algebra $\mathcal{A}$ we use valuations $\eta = (\eta_t, \eta_d)$, where $\eta_t : TVar \to T^{\mathcal{A}}$ is a type valuation and $\eta_d : DVar \to D^{\mathcal{A}}$ is a data valuation. $\eta_d$ is called totally defined iff $\eta_d(x) \in Def(D^{\mathcal{A}})$, for all $x \in DVar$; and $\eta_d$ is called safe for a given $t \in Term_{\Sigma\perp}(DVar)$ iff $\eta_d(x) \in Def(D^{\mathcal{A}})$, for all $x \in dvar(t)$ s.t. $x$ has more than one occurrence in $t$. $Val(\mathcal{A})$ denotes the set of all valuations over $\mathcal{A}$.

For a given $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$, type denotations $[\![\tau]\!]^{\mathcal{A}}\eta =_{Def} [\![\tau]\!]^{\mathcal{A}}\eta_t \in T^{\mathcal{A}}$ and expression denotations $[\![e]\!]^{\mathcal{A}}\eta =_{Def} [\![e]\!]^{\mathcal{A}}\eta_d \in \mathcal{C}(D^{\mathcal{A}})$ are defined recursively as follows:

• $[\![\alpha]\!]^{\mathcal{A}}\eta_t = \eta_t(\alpha)$, where $\alpha \in TVar$;

• $[\![K(\tau_1, \ldots, \tau_n)]\!]^{\mathcal{A}}\eta_t = K^{\mathcal{A}}([\![\tau_1]\!]^{\mathcal{A}}\eta_t, \ldots, [\![\tau_n]\!]^{\mathcal{A}}\eta_t)$, where $K \in TC^n$ and $\tau_i \in T_{TC}(TVar)$, $1 \le i \le n$;

• $[\![\perp]\!]^{\mathcal{A}}\eta_d = \{\perp^{\mathcal{A}}\}$;

• $[\![x]\!]^{\mathcal{A}}\eta_d = \langle \eta_d(x) \rangle$, where $x \in DVar$;

• $[\![h(e_1, \ldots, e_n)]\!]^{\mathcal{A}}\eta_d = h^{\mathcal{A}}([\![e_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![e_n]\!]^{\mathcal{A}}\eta_d)$, where $h \in DC^n \cup FS^n$, $e_i \in Expr_{\Sigma\perp}(DVar)$, $1 \le i \le n$.

As in (?), the following result can be proved easily by structural induction.

Proposition 5.2 (Properties of denotations)

(a) If $f^{\mathcal{A}}$ is deterministic for every $f \in FS$ occurring in an expression $e$, then $[\![e]\!]^{\mathcal{A}}\eta_d$ is an ideal;

(b) For every data term $t$, $[\![t]\!]^{\mathcal{A}}\eta_d$ is a principal ideal $\langle v \rangle$. Moreover, $v \in Def(D^{\mathcal{A}})$ if $t$ is total and $\eta_d$ is totally defined. □

We are particularly interested in those PT-algebras that are well-behaved w.r.t. 
types. 

Definition 5.3 (Well-typed PT-algebras and valuations)

• $\mathcal{A}$ is well-typed if for all $h : (\tau_1, \ldots, \tau_n) \to \tau \in DC_\perp \cup FS$ and for every type valuation $\eta_t$, it holds that $h^{\mathcal{A}}(\mathcal{E}^{\mathcal{A}}([\![\tau_1]\!]^{\mathcal{A}}\eta_t), \ldots, \mathcal{E}^{\mathcal{A}}([\![\tau_n]\!]^{\mathcal{A}}\eta_t)) \subseteq \mathcal{E}^{\mathcal{A}}([\![\tau]\!]^{\mathcal{A}}\eta_t)$;

• $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$ is well-typed w.r.t. an environment $V$ iff for every $x : \tau \in V$, it holds that $\eta_d(x) \in \mathcal{E}^{\mathcal{A}}([\![\tau]\!]^{\mathcal{A}}\eta_t)$. □

The next auxiliary lemma is needed to prove some of the results presented later. 
It can be proved easily by structural induction. 

Lemma 5.4 (Substitution lemma)

Let $\eta = (\eta_t, \eta_d)$ be a valuation over a PT-algebra $\mathcal{A}$. For any $\tau \in T_{TC}(TVar)$, $e \in Expr_{\Sigma\perp}(DVar)$ and substitution $\sigma = (\sigma_t, \sigma_d)$, it holds that $[\![\tau]\!]^{\mathcal{A}}\eta_{\sigma t} = [\![\tau\sigma_t]\!]^{\mathcal{A}}\eta_t$ and $[\![e]\!]^{\mathcal{A}}\eta_{\sigma d} = [\![e\sigma_d]\!]^{\mathcal{A}}\eta_d$, where $\eta_\sigma = (\eta_{\sigma t}, \eta_{\sigma d})$ is the uniquely determined valuation that satisfies: $\eta_{\sigma t}(\alpha) = [\![\alpha\sigma_t]\!]^{\mathcal{A}}\eta_t$, for all $\alpha \in TVar$, and $\eta_{\sigma d}(x) = d$, for all $x \in DVar$, where $\langle d \rangle = [\![x\sigma_d]\!]^{\mathcal{A}}\eta_d$. □

We can prove that expression denotations behave as expected w.r.t. well-typed 
algebras and valuations. 
Proposition 5.5

Let $V$ be an environment. Let $\mathcal{A}$ be a well-typed PT-algebra and $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$ well-typed w.r.t. $V$. For all $e \in Expr^{\tau}_{\Sigma\perp}(V)$, $[\![e]\!]^{\mathcal{A}}\eta_d \subseteq \mathcal{E}^{\mathcal{A}}([\![\tau]\!]^{\mathcal{A}}\eta_t)$. □

Proof

By structural induction on $e$. For $e = \perp$ or $e = c \in DC^0$, the result follows from the well-typedness of $\mathcal{A}$ and Lemma 5.4. For $e = x \in DVar$, the well-typedness of $\eta$ entails the result. For $e = h(e_1, \ldots, e_n)$, $h : (\tau'_1, \ldots, \tau'_n) \to \tau' \in DC \cup FS$, there exists $\sigma_t \in TSub$ such that $\tau = \tau'\sigma_t$ and $e_i \in Term^{\tau'_i\sigma_t}_{\Sigma\perp}(V)$, $1 \le i \le n$. By induction hypothesis, $[\![e_i]\!]^{\mathcal{A}}\eta_d \subseteq \mathcal{E}^{\mathcal{A}}([\![\tau'_i\sigma_t]\!]^{\mathcal{A}}\eta_t)$, $1 \le i \le n$. From Lemma 5.4 we have that $\mathcal{E}^{\mathcal{A}}([\![\tau'_i\sigma_t]\!]^{\mathcal{A}}\eta_t) = \mathcal{E}^{\mathcal{A}}([\![\tau'_i]\!]^{\mathcal{A}}\eta_{\sigma t})$, $1 \le i \le n$. The well-typedness of $\mathcal{A}$ entails $h^{\mathcal{A}}([\![e_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![e_n]\!]^{\mathcal{A}}\eta_d) \subseteq \mathcal{E}^{\mathcal{A}}([\![\tau']\!]^{\mathcal{A}}\eta_{\sigma t})$. Now, the result follows from Lemma 5.4 and the definition of denotation. □

Next, we define the notion of model. Note that reduction/approximation is interpreted as inclusion, while joinability is interpreted as existence of a common maximal approximation.

Definition 5.6 (Models of a program)

Let $\mathcal{A}$ be a PT-algebra. We define:

(i) $\mathcal{A}$ satisfies a reduction statement $e \to e'$ under a valuation $\eta = (\eta_t, \eta_d)$ (noted by $(\mathcal{A}, \eta_d) \models e \to e'$) iff $[\![e']\!]^{\mathcal{A}}\eta_d \subseteq [\![e]\!]^{\mathcal{A}}\eta_d$;

(ii) $\mathcal{A}$ satisfies a joinability statement $e == e'$ under a valuation $\eta = (\eta_t, \eta_d)$ (noted by $(\mathcal{A}, \eta_d) \models e == e'$) iff $[\![e]\!]^{\mathcal{A}}\eta_d \cap [\![e']\!]^{\mathcal{A}}\eta_d \cap Def(D^{\mathcal{A}}) \neq \emptyset$. Furthermore, we say that $\mathcal{A}$ satisfies a set $C$ of joinability statements under a valuation $\eta = (\eta_t, \eta_d)$ (noted by $(\mathcal{A}, \eta_d) \models C$) iff $(\mathcal{A}, \eta_d) \models e == e'$, for all $e == e' \in C$;

(iii) $\mathcal{A}$ satisfies a defining rule $l \to r \Leftarrow C$ iff every $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$ such that $(\mathcal{A}, \eta_d) \models C$ verifies that $(\mathcal{A}, \eta_d) \models l \to r$;

(iv) $\mathcal{A}$ satisfies an equation $s \approx t$ iff for every $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$: $[\![s]\!]^{\mathcal{A}}\eta_d \supseteq [\![t]\!]^{\mathcal{A}}\eta_d$ if $\eta_d$ is safe for $s$, and $[\![t]\!]^{\mathcal{A}}\eta_d \supseteq [\![s]\!]^{\mathcal{A}}\eta_d$ if $\eta_d$ is safe for $t$;

(v) Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program. $\mathcal{A}$ is a model of $\mathcal{P}$ (noted by $\mathcal{A} \models \mathcal{P}$) iff $\mathcal{A}$ satisfies every defining rule in $\mathcal{R}$ (noted by $\mathcal{A} \models \mathcal{R}$) and every equation in $\mathcal{C}$ (noted by $\mathcal{A} \models \mathcal{C}$). □

The rest of the section is devoted to the construction of free term models, which allows us to prove soundness and completeness of the rewriting calculi from Section 4.

Definition 5.7 (Free term models)

Given a program $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ and an environment $V$, we build the term model $\mathcal{M}_{\mathcal{P}}(V)$ as follows:

• Data universe: Let $X$ be the set of all data variables occurring in $V$. Then the data universe of $\mathcal{M}_{\mathcal{P}}(V)$ is $Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}}$, where

$Term_{\Sigma\perp}(X) =_{Def} \{t \in Term_{\Sigma\perp}(DVar) \mid dvar(t) \subseteq X\}$

For all $t \in Term_{\Sigma\perp}(X)$, $[t]$ denotes the equivalence class $\{t' \in Term_{\Sigma\perp}(X) \mid t \approx_{\mathcal{C}} t'\}$.

• Type universe: Let $A$ be the set of type variables occurring in $V$. Then the type universe of $\mathcal{M}_{\mathcal{P}}(V)$ is $T_{TC}(A) =_{Def} \{\tau \in T_{TC}(TVar) \mid tvar(\tau) \subseteq A\}$;

• For all $[t] \in Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}}$, $\tau \in T_{TC}(A)$, we define $[t] :^{\mathcal{M}_{\mathcal{P}}(V)} \tau$ iff $t \in Term^{\tau}_{\Sigma\perp}(V)$;

• For all $K \in TC^n$, $\tau_i \in T_{TC}(A)$, $1 \le i \le n$: $K^{\mathcal{M}_{\mathcal{P}}(V)}(\tau_1, \ldots, \tau_n) = K(\tau_1, \ldots, \tau_n)$;

• For all $c \in DC^n$, $[t_i] \in Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}}$, $1 \le i \le n$: $c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) = \langle [c(t_1, \ldots, t_n)] \rangle$;

• For all $f \in FS^n$, $[t_i] \in Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}}$, $1 \le i \le n$:

$f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) = \{[t] \in Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}} \mid f(t_1, \ldots, t_n) \to_{\mathcal{P}} t\}$

• $\perp^{\mathcal{M}_{\mathcal{P}}(V)} = [\perp]$ is the bottom element, whereas the partial order is defined as follows: for all $[s], [t] \in Term_{\Sigma\perp}(X)/\approx_{\mathcal{C}}$, $[s] \sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)} [t]$ iff $t \sqsupseteq_{\mathcal{C}} s$. □

The following theorem ensures that $\mathcal{M}_{\mathcal{P}}(V)$ is a well-defined algebra in presence of a strongly regular set of equational axioms. The complete proof of the theorem can be found in Appendix B.

Theorem 5.8 ($\mathcal{M}_{\mathcal{P}}(V)$ is a well-typed PT-algebra)

Given a program $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ where $\mathcal{C}$ is strongly regular and well-typed, it holds that $\mathcal{M}_{\mathcal{P}}(V)$ is a PT-algebra. Moreover, if all rules in $\mathcal{R}$ are regular and well-typed then $\mathcal{M}_{\mathcal{P}}(V)$ is a well-typed PT-algebra. □

The relationship between semantic validity in $\mathcal{M}_{\mathcal{P}}(V)$ and GORC-derivability (which allows us to prove the adequateness theorem below) can be characterized as follows:

Lemma 5.9 (Characterization lemma)

Consider a program $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ such that $\mathcal{C}$ is strongly regular and well-typed. Let $[\sigma] = (\sigma_t, [\sigma_d]) \in Val(\mathcal{M}_{\mathcal{P}}(V))$ be a valuation, represented by a substitution $\sigma = (\sigma_t, \sigma_d)$. Then for all $e, a, b \in Expr_{\Sigma\perp}(X)$, $t \in Term_{\Sigma\perp}(X)$:

(a) $[t] \in [\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$ if and only if $e\sigma_d \to_{\mathcal{P}} t$;

(b) $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models e \to t$ if and only if $e\sigma_d \to_{\mathcal{P}} t\sigma_d$;

(c) $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models a == b$ if and only if $a\sigma_d ==_{\mathcal{P}} b\sigma_d$. □

Theorem 5.10 (Adequateness of $\mathcal{M}_{\mathcal{P}}(V)$)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program such that $\mathcal{C}$ is strongly regular and well-typed. Then:

(1) $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{P}$.

(2) For any $\varphi = e \to t$ or $\varphi = e == e'$, where $e, e' \in Expr_{\Sigma\perp}(X)$ and $t \in Term_{\Sigma\perp}(X)$, the following statements are equivalent:

(2.1) $\varphi$ is derivable in GORC (or equivalently, in BRC);

(2.2) $(\mathcal{A}, \eta_d) \models \varphi$ for all PT-algebras $\mathcal{A}$ such that $\mathcal{A} \models \mathcal{P}$ and for all totally defined data valuations $\eta_d$;

(2.3) $(\mathcal{M}_{\mathcal{P}}(V), [id]) \models \varphi$, where $id$ is the identity partial data substitution defined as $id(x) = x$, for all $x \in X$. □
Proof

To prove (1), we need to prove that $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{C}$ and $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{R}$.

Given $s \approx t \in \mathcal{C}$ and $\sigma_d$ safe for $s$, $s\sigma_d \to_{\mathcal{P}} t\sigma_d$ holds because $s\sigma_d \sqsupseteq t\sigma_d \in [\mathcal{C}]_{\sqsupseteq}$. By Lemma 5.9 (b) we get $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models s \to t$, i.e., $[\![s]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \supseteq [\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. Similarly, assuming that $[\sigma_d]$ is safe for $t$, it can be proved that $[\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \supseteq [\![s]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. Hence $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{C}$.

Consider now a defining rule $f(t_1, \ldots, t_n) \to r \Leftarrow C$ and a data valuation $[\sigma_d]$ over $\mathcal{M}_{\mathcal{P}}(V)$ such that $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models C$. Then Lemma 5.9 (c) entails that for all $a == b \in C$, $a\sigma_d ==_{\mathcal{P}} b\sigma_d$. On the other hand, for any $[t] \in [\![r]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, Lemma 5.9 (a) entails $r\sigma_d \to_{\mathcal{P}} t$. Applying the GORC-rule (OR) with the instance program rule $f(t_1, \ldots, t_n)\sigma_d \to r\sigma_d \Leftarrow C\sigma_d$, we conclude that $f(t_1, \ldots, t_n)\sigma_d \to_{\mathcal{P}} t$. From Lemma 5.9 (a), we get $[t] \in [\![f(t_1, \ldots, t_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, i.e., $[\![r]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \subseteq [\![f(t_1, \ldots, t_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. Hence $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{R}$.

(2.1) $\Rightarrow$ (2.2). This can be proved by induction on the length of a GORC-proof for $\varphi$. The assumption that $\eta_d$ is totally defined is needed when dealing with inference rule (J). See Theorem 5.1 in (?) for a similar proof.

(2.2) $\Rightarrow$ (2.3). From (1), $\mathcal{M}_{\mathcal{P}}(V) \models \mathcal{P}$. From (2.2), it holds that $(\mathcal{M}_{\mathcal{P}}(V), [id]) \models \varphi$, since $[id]$ is totally defined.

(2.3) $\Rightarrow$ (2.1). This follows from Lemma 5.9 (b) and (c), taking $id$ for $\sigma_d$. □

Theorem 5.10 implies soundness and completeness of the rewriting calculi w.r.t. semantic validity in all models. Moreover, the theorem also says that validity in the term model $\mathcal{M}_{\mathcal{P}}(V)$ characterizes validity in all models. For this reason, $\mathcal{M}_{\mathcal{P}}(V)$ can be regarded as the intended (canonical) model of the program $\mathcal{P}$. More precisely, any given $f \in FS^n$, $n \ge 0$, will denote a deterministic function iff $f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n])$ is an ideal for all $t_i \in Term_{\Sigma\perp}(X)$, $1 \le i \le n$. This property is undecidable in general, but some decidable sufficient conditions are known which work quite well in practice; see e.g. the sufficient non-ambiguity conditions in (?).

Ignoring algebraic constructors in ACRWL, there is a clear analogy between $\mathcal{M}_{\mathcal{P}}(V)$ and the so-called C-semantics (?) for Horn clause programs. Moreover, Horn clause logic programs correspond to CRWL-programs (?) (and thus also to ACRWL-programs) composed of boolean functions. For such programs, it is easily checked that $\mathcal{M}_{\mathcal{P}}(V)$ indeed corresponds to the C-semantics. By a construction similar to that of $\mathcal{M}_{\mathcal{P}}(V)$, using the poset of ground partial data terms as carrier, we could also obtain an analogue of the least Herbrand model semantics for Horn clause logic programming. However, even ignoring equational axioms, $\mathcal{M}_{\mathcal{P}}(V)$ bears more interesting information due to Theorem 5.10.

To conclude this section, we present a categorical characterization of $\mathcal{M}_{\mathcal{P}}(V)$ as the free model of $\mathcal{P}$, generated by the set of variables contained in the environment $V$. We will use only very elementary notions from category theory; see e.g. (?). First of all, we need a suitable notion of homomorphism which follows the idea of loose element-valued homomorphism, in Hussmann's terminology; see (?; ?).
Let $\mathcal{A}$ and $\mathcal{B}$ be two PT-algebras. A homomorphism $h : \mathcal{A} \to \mathcal{B}$ is any pair of mappings $(h_t, h_d)$, where $h_t : T^{\mathcal{A}} \to T^{\mathcal{B}}$ and $h_d \in [D^{\mathcal{A}} \to_d D^{\mathcal{B}}]$, which satisfies the following conditions:

(1) $h_t$ preserves type constructors: for all $K \in TC^n$, $\ell_1, \ldots, \ell_n \in T^{\mathcal{A}}$, $h_t(K^{\mathcal{A}}(\ell_1, \ldots, \ell_n)) = K^{\mathcal{B}}(h_t(\ell_1), \ldots, h_t(\ell_n))$;

(2) $h_d$ is element valued: for all $u \in D^{\mathcal{A}}$, there is $v \in D^{\mathcal{B}}$ such that $h_d(u) = \langle v \rangle$;

(3) $h_d$ is strict: $h_d(\perp^{\mathcal{A}}) = \langle \perp^{\mathcal{B}} \rangle$;

(4) $h_d$ preserves data constructors: for all $c \in DC^n$, $u_i \in D^{\mathcal{A}}$, $1 \le i \le n$: $h_d(c^{\mathcal{A}}(u_1, \ldots, u_n)) = c^{\mathcal{B}}(h_d(u_1), \ldots, h_d(u_n))$;

(5) $h_d$ loosely preserves defined functions: for all $f \in FS^n$, $u_i \in D^{\mathcal{A}}$, $1 \le i \le n$: $h_d(f^{\mathcal{A}}(u_1, \ldots, u_n)) \subseteq f^{\mathcal{B}}(h_d(u_1), \ldots, h_d(u_n))$.

Moreover, $h$ is called a well-typed homomorphism if and only if $h_d(\mathcal{E}^{\mathcal{A}}(\ell)) \subseteq \mathcal{E}^{\mathcal{B}}(h_t(\ell))$ for all $\ell \in T^{\mathcal{A}}$. □

PT-algebras of signature $\Sigma$ are the objects of a category $PTAlg_\Sigma$ whose arrows are the homomorphisms from Definition 5.11. The models of any given program $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ determine a full subcategory $Mod_{\mathcal{P}}$ of $PTAlg_\Sigma$. We can prove the following theorem, whose complete proof is given in Appendix B.

Theorem 5.12 ($\mathcal{M}_{\mathcal{P}}(V)$ is free)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program such that $\mathcal{C}$ is strongly regular and well-typed. $\mathcal{M}_{\mathcal{P}}(V)$ is freely generated by $V$ in $Mod_{\mathcal{P}}$, that is, given any $\mathcal{A} \models \mathcal{P}$ and any $\eta = (\eta_t, \eta_d) \in Val(\mathcal{A})$ such that $\eta_d$ is totally defined, there exists a unique homomorphism $h : \mathcal{M}_{\mathcal{P}}(V) \to \mathcal{A}$ extending $\eta$, i.e. such that $h_t(\alpha) = \eta_t(\alpha)$, for all $\alpha \in A$, and $h_d([x]) = \langle \eta_d(x) \rangle$, for all $x \in X$. Moreover, if $\mathcal{A}$ and $\eta$ are well-typed then $h$ is a well-typed homomorphism. □

The intuitive meaning of Theorem 5.12 is that $\mathcal{M}_{\mathcal{P}}(V)$ behaves as the "least term algebra that is a model of $\mathcal{P}$". An alternative characterization of $\mathcal{M}_{\mathcal{P}}(V)$ as the least fixpoint of a continuous transformation that maps term algebras to term algebras is also possible, as shown in (?) for the restriction of our framework to an untyped language with free data constructors.



6 A Lazy Narrowing Calculus for Goal Solving 

This section presents a Lazy Narrowing Calculus based on Equational Constructors (LNCEC for short). This calculus provides a goal solving procedure that combines lazy narrowing (in the spirit of (?; ?)) with unification modulo a set of equational axioms $\mathcal{C}$ (in the line of (?; ?)). Unlike (?; ?) (where data constructors are free), we require the introduction of mutation rules (as in (?)) for applying equational axioms to data constructors. With respect to (?; ?), we need the incorporation of narrowing for applying program rules.

LNCEC is a quite general and expressive framework for declarative programming, based on algebraic data constructors and non-deterministic lazy functions. Nevertheless, there is still a big gap between our current presentation of lazy narrowing and an implemented system. In fact, our narrowing calculus LNCEC is not intended as an operational model, but rather as an abstract description of goal solving that provides a very convenient basis for soundness and completeness proofs, while ignoring control issues and implementation details.

As in (?), goals are finite conjunctions of approximation and joinability statements, whereas solutions will be partial data substitutions such that the goal affected by such a substitution is provable in GORC. Due to technical reasons that will become apparent later, we divide LNCEC computations into two main phases, as in (?). The first phase transforms an initial goal $G$ into a quasi-solved goal $G'$ (only containing variables) by applying the goal transformation rules for $\to$ and $==$ presented in Subsection 6.2. The second phase takes the resulting $G'$ and, using variable elimination rules, transforms it into a solved goal which represents a solution in the sense of Definition 6.5 below. Each transformation step using either a $\to$ or $==$ rule is noted as $G \Vdash_{\mathcal{P}} G'$, whereas $G \Vdash_{DVar} G'$ represents a transformation step using variable elimination rules. A derivation for a goal is a finite sequence of $\Vdash_{\mathcal{P}}$-steps (named $\Vdash_{\mathcal{P}}$-derivation) followed by a finite sequence of $\Vdash_{DVar}$-steps (named a $\Vdash_{DVar}$-derivation). FAIL represents an irreducible inconsistent goal used to write failure rules. Of course, since we work with static types, LNCEC will preserve types in the case of a well-typed admissible goal and program (see Theorem 7.10). As notation, $dvar(L)$ stands for the set of data variables occurring in $L$, where $L$ is either a goal, a multiset of joinability/approximation statements, a program rule or an equational axiom.

6.1 Admissible Goals 

The next definition introduces formally the notion of (well-typed) admissible goal. Admissible goals must fulfill a number of technical requirements needed to achieve the effect of lazy unification with sharing during goal solving. Example 6.2 below will illustrate the treatment of sharing in LNCEC.

Definition 6.1 (Well-typed admissible goals)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program. An admissible goal $G$ for $\mathcal{P}$ has the structure $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, E$, where:

• $evar(G) =_{Def} \bar{u}$ is called the set of existential variables;

• $S$ is a system of equations in solved form; i.e. $S$ has the form $x_1 = s_1, \ldots, x_n = s_n$, where $s_i \in Term_\Sigma(DVar)$, $1 \le i \le n$, and $x_i$ occurs exactly once in the whole goal, $1 \le i \le n$;

• $P = e_1 \to t_1, \ldots, e_k \to t_k$ is a multiset of approximation statements. The set $pvar(P) =_{Def} \bigcup_{i=1}^{k} dvar(t_i)$ is called the set of produced variables;

• $E = e_1 == e'_1, \ldots, e_m == e'_m$ is a multiset of joinability statements.

Additionally, any goal $G$ must satisfy the following conditions:

(LIN) $(t_1, \ldots, t_k)$ is linear;

(EX) $pvar(P) \subseteq evar(G)$, i.e. all produced variables are existentially quantified;

(NCYC) the transitive closure of the relation $\gg$ defined as: $x \gg y$ iff there exists $1 \le i \le k$ such that $x \in dvar(e_i)$ and $y \in dvar(t_i)$, must be irreflexive (i.e. a strict partial order);

(SOL) $dvar(S) \cap pvar(P) = \emptyset$, i.e. the solved part does not contain produced variables.

$G$ is well-typed iff there exists an environment $V$ such that for all $e \diamond e' \in S \cup P \cup E$, $\diamond \in \{\to, ==, =\}$, there exists $\tau \in T_{TC}(TVar)$ such that $e, e' \in Expr^{\tau}_{\Sigma}(V)$. We will write $env(G)$ for the collection of all environments $V$ such that $G$ is well-typed w.r.t. $V$. As we will see, well-typedness of goals is preserved by LNCEC, as long as the program is also well-typed. □

In the following, initial goals will be admissible goals of the form $\Box\,\Box\, E$, whereas quasi-solved goals will be admissible goals such that for all $e \to t \in P$ and $e' == e'' \in E$ it holds that $e, t, e', e'' \in DVar$. Finally, goals in solved form will also be admissible goals with the following structure: $\exists \bar{u} \cdot S \,\Box\,\Box$. It is easy to check that solved goals with $S = x_1 = s_1, \ldots, x_n = s_n$ determine an associated answer data substitution $\sigma_{d_S}$ defined as $\sigma_{d_S}(x_i) = s_i$ for all $1 \le i \le n$ and $\sigma_{d_S}(x) = x$ for all $x \neq x_i$, which is idempotent.

Some comments on the structure of admissible goals may be helpful. Intuitively, each equation $x = s$ in the solved part $S$ denotes a computed answer for $x$. As we will show later, if an admissible goal $G$ has a solution $\sigma_d$, our lazy narrowing calculus is able to transform $G$ into a solved goal $G' = \exists \bar{u} \cdot S' \,\Box\,\Box$ in such a way that the solved system $S'$, viewed as a data substitution $\sigma_{d_{S'}}$, denotes a solution for $G$ more general (modulo the finite set of equational axioms $\mathcal{C}$) than $\sigma_d$. Irreflexivity of $\gg$ allows us to avoid occur-checks in some of our transformations. Remark that all produced variables are existentially quantified because such variables are used to compute intermediate results. Furthermore, since $(t_1, \ldots, t_k)$ is linear, produced variables are only "produced" once. The LNCEC treatment of approximation statements $e \to t \in P$ takes care of the lazy unification of $e$ and $t$, using narrowing with rewrite rules in $\mathcal{R}$ and mutations with equations in $\mathcal{C}$. Moreover, statements $e \to t$ are handled in such a way that the effect of sharing is achieved. Recall that in our framework sharing is not only convenient for the sake of efficiency, but also necessary for soundness, due to the call-time choice semantics for non-determinism.

More concretely, the effect of sharing will be emulated by means of approximation statements of the form $e \to x$ occurring in $P$. The idea is that $e \to x$ will never propagate a binding of $x$ to $e$, unless $e$ is a data term, but will behave as a suspension. In case the value of variable $x$ is demanded (or computed) somewhere in the rest of the goal, a suitable LNCEC transformation will "awake" $e \to x$ to trigger the evaluation of $e$. Let us see a simple example.
Example 6.2

Consider the rewrite rules for coin, double and plus given in the Introduction. Suppose that we want to solve the goal $G = \Box\,\Box\, double(coin) == R$. As we know, this goal has two correct solutions, namely $R = 0$ and $R = 2$, but not $R = 1$. Let us sketch how LNCEC would in fact compute the two correct solutions and avoid the incorrect one.

From the goal $double(coin) == R$, and applying the rule Narrowing$_{==}$ given in Subsection 6.2, we can get the new goal $G_1 = \exists x \cdot \Box\, coin \to x \,\Box\, plus(x, x) == R$. Imagine that we would allow to propagate the binding $x/coin$. In such a case, we would get the new goal $G_2 = \Box\,\Box\, R == plus(coin, coin)$. Now, applying again narrowing using the rule $plus(1, 0) \to 1$, we would get the goal $G_3 = \Box\,\Box\, coin \to 1, coin \to 0 \,\Box\, R == 1$. From $G_3$, according to the rules for coin, we would be able to compute the solution $R = 1$, which is known to be unsound in our setting.

In order to avoid this kind of unsound computation, what we do is to forbid propagations of bindings such as $x/coin$. From $plus(x, x) == R$ it is not yet obvious that the value of $x$ is demanded. Therefore, the computation can only proceed by applying Narrowing$_{==}$ to narrow $plus(x, x)$. This can be attempted with any of the four rewrite rules for plus. The second and third ones lead to failure, while the other two give rise to the two new goals

$G_2 = \exists x \cdot \Box\, coin \to x, x \to 0, x \to 0 \,\Box\, R == 0$,
$G_3 = \exists x \cdot \Box\, coin \to x, x \to 1, x \to 1 \,\Box\, R == 2$

respectively. By binding $x$ to $0$ in $G_2$ and $x$ to $1$ in $G_3$ (rule Imitation+Decomposition$_{\to}$) and applying Decomposition$_{\to}$, these goals become:

$G'_2 = \exists x \cdot x = 0 \,\Box\, coin \to 0 \,\Box\, R == 0$,
$G'_3 = \exists x \cdot x = 1 \,\Box\, coin \to 1 \,\Box\, R == 2$

which can be solved by narrowing coin with the rule Narrowing$_{\to}$, leading to the expected solutions. ■
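The difference between the two computations of Example 6.2 can be reproduced with a small non-deterministic evaluator. The following is an added example, not code from the paper: it evaluates double(coin) once under call-time choice (the argument is bound to a single value, as the suspension coin -> x enforces) and once under run-time choice (the binding x/coin is propagated, so plus(coin, coin) evaluates its two copies of coin independently). The four rules for plus over the values 0 and 1 are assumed from the Introduction, which is not reproduced here.

```python
"""Added example (not from the paper): call-time vs. run-time choice for
the goal double(coin) == R of Example 6.2."""
from itertools import product

# Terms: an int is a constructor value, a str is a variable, and a tuple
# (name, arg_1, ..., arg_n) is a call to a defined function.
# A rule is (pattern_tuple, right_hand_side).
RULES = {
    "coin": [((), 0), ((), 1)],                      # coin -> 0, coin -> 1
    "double": [(("x",), ("plus", "x", "x"))],        # double(x) -> plus(x, x)
    # assumed four rules for plus on the values 0 and 1
    "plus": [((0, 0), 0), ((0, 1), 1), ((1, 0), 1), ((1, 1), 2)],
}


def substitute(term, binding):
    """Replace the variables of `term` by their bindings (values or expressions)."""
    if isinstance(term, str):
        return binding[term]
    if isinstance(term, tuple):
        return (term[0],) + tuple(substitute(a, binding) for a in term[1:])
    return term


def match_args(patterns, args, call_time):
    """Yield one variable binding per way the rule patterns can match the arguments.
    Call-time choice evaluates every argument to a single value before binding it;
    run-time choice binds a variable pattern to the unevaluated argument expression."""
    choices = []
    for pat, arg in zip(patterns, args):
        if isinstance(pat, str):
            if call_time:
                choices.append([(pat, v) for v in evaluate(arg, True)])
            else:
                choices.append([(pat, arg)])
        else:
            # constructor pattern: the argument must evaluate to exactly this value
            choices.append([None for v in evaluate(arg, call_time) if v == pat])
    for combo in product(*choices):
        yield dict(item for item in combo if item is not None)


def evaluate(term, call_time=True):
    """Set of values the term can reduce to under the chosen parameter passing."""
    if isinstance(term, int):
        return {term}
    name, args = term[0], term[1:]
    values = set()
    for patterns, rhs in RULES[name]:
        for binding in match_args(patterns, args, call_time):
            values |= evaluate(substitute(rhs, binding), call_time)
    return values


def solutions_for_r(call_time=True):
    """Values of R solving double(coin) == R: {0, 2} with sharing (call-time
    choice), {0, 1, 2} when the binding x/coin is propagated (run-time choice)."""
    return evaluate(("double", ("coin",)), call_time)
```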



6.2 Transformation Rules for LNCEC 

Some of the $==$ and $\to$ goal transformation rules described below, related to mutation, use the "linearization" $\mathcal{C}_\to$ of $\mathcal{C}$. Formally, $\mathcal{C}_\to$ is obtained from $\mathcal{C}$ by replacing each strongly regular equational axiom $c(t_1, \ldots, t_n) \approx d(s_1, \ldots, s_m)$ by the rewriting rules $c(t'_1, \ldots, t'_n) \to d(s_1, \ldots, s_m) \Leftarrow C_1$ and $d(s'_1, \ldots, s'_m) \to c(t_1, \ldots, t_n) \Leftarrow C_2$, where $c(t'_1, \ldots, t'_n)$ and $C_1$ are calculated as follows: for each variable $x$ in $c(t_1, \ldots, t_n)$ occurring $k > 1$ times, we replace each $j$-th occurrence of $x$, $2 \le j \le k$, by a fresh variable $y_j$, adding to $C_1$ the joinability statements $x == y_j$. In the same way $d(s'_1, \ldots, s'_m)$ and $C_2$ can be calculated from $d(s_1, \ldots, s_m)$. For instance, for the strongly regular equation $c(x, x, x, y) \approx d(y, y, y, x)$ we get the rewriting rules $c(x, x_1, x_2, y) \to d(y, y, y, x) \Leftarrow x == x_1, x == x_2$ and $d(y, y_1, y_2, x) \to c(x, x, x, y) \Leftarrow y == y_1, y == y_2$.
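The linearization just described, as an added example that is not the paper's own code: each repeated variable occurrence beyond the first is replaced by a fresh variable and a joinability condition is emitted, giving the two rules of $\mathcal{C}_\to$ for one axiom. The fresh names $x_1, x_2, \ldots$ follow the worked instance above; the strong-regularity check (both sides non-variable with the same variable set, as Example 4.12 suggests) is this example's reading of the notion.

```python
"""Added example (not from the paper): the "linearization" C_-> of a strongly
regular axiom c(t_1..t_n) ~ d(s_1..s_m) from Subsection 6.2."""

# Terms: a str is a variable; a tuple (constructor, arg_1, ..., arg_n) is a
# constructor term (a tuple of length 1 is a nullary constructor).


def variables(term):
    """Variables of a term in left-to-right order, repeats included."""
    if isinstance(term, str):
        return [term]
    return [v for arg in term[1:] for v in variables(arg)]


def is_strongly_regular(lhs, rhs):
    """Reading taken here: neither side is a bare variable (non-collapsing)
    and both sides have the same set of variables (regular)."""
    non_collapsing = not isinstance(lhs, str) and not isinstance(rhs, str)
    return non_collapsing and set(variables(lhs)) == set(variables(rhs))


def linearize(term):
    """Replace the 2nd, 3rd, ... occurrence of every variable x by fresh x_1, x_2, ...
    Returns the linear term and the joinability conditions (x, x_j)."""
    seen = {}
    conditions = []

    def go(t):
        if isinstance(t, str):
            seen[t] = seen.get(t, 0) + 1
            if seen[t] == 1:
                return t
            fresh = f"{t}_{seen[t] - 1}"      # naming choice made in this example
            conditions.append((t, fresh))
            return fresh
        return (t[0],) + tuple(go(a) for a in t[1:])

    return go(term), conditions


def rules_of_axiom(lhs, rhs):
    """The two rules c(t'_n) -> d(s_m) <= C_1 and d(s'_m) -> c(t_n) <= C_2
    that replace the axiom lhs ~ rhs in C_->."""
    if not is_strongly_regular(lhs, rhs):
        raise ValueError("axiom is not strongly regular")
    lin_lhs, c1 = linearize(lhs)
    lin_rhs, c2 = linearize(rhs)
    return [(lin_lhs, rhs, c1), (lin_rhs, lhs, c2)]


def show_term(t):
    if isinstance(t, str):
        return t
    if len(t) == 1:
        return t[0]
    return t[0] + "(" + ",".join(show_term(a) for a in t[1:]) + ")"


def show_rule(lhs, rhs, conditions):
    """Render a rule in the paper's notation, e.g. c(x,x_1,x_2,y) -> d(y,y,y,x) <= x == x_1, x == x_2."""
    text = f"{show_term(lhs)} -> {show_term(rhs)}"
    if conditions:
        text += " <= " + ", ".join(f"{a} == {b}" for a, b in conditions)
    return text
```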

Using rule instances from $[\mathcal{C}]_\to$ is equivalent to using inequalities from $[\mathcal{C}]_{\sqsupseteq}$, as explained in Definition 4.5 above. This new view allows a more uniform presentation of goal solving, since algebraic data constructors and defined functions now have similar rewrite rules. Rules (MUT) and (OMUT) of Definition 4.1 must be modified as follows:

(MUT) $\mathcal{C}$-Mutation:

$$\frac{C}{s \to t} \quad \text{if } s \to t \Leftarrow C \in [\mathcal{C}]_\to$$

(OMUT) Outer $\mathcal{C}$-Mutation:

$$\frac{e_1 \to t_1, \ldots, e_n \to t_n, C, s \to t}{c(\bar{e}_n) \to t} \quad \text{if } t \neq \perp,\ c(\bar{t}_n) \to s \Leftarrow C \in [\mathcal{C}]_\to$$

where $[\mathcal{C}]_\to = \{(s \to t \Leftarrow C)\sigma_d \mid s \to t \Leftarrow C \in \mathcal{C}_\to,\ \sigma_d \in DSub_\perp\}$.

In the sequel we will always assume this new version of the rewriting calculi. The next proposition ensures that the rewrite rules in $\mathcal{C}_\to$ are well-typed. The complete proof has been moved to Appendix B.

Proposition 6.3 (Preservation of well-typedness by "linearization")

Let $c(\bar{t}_n) \approx d(\bar{s}_m)$ be a well-typed strongly regular equation. Let $c(\bar{t}'_n) \to d(\bar{s}_m) \Leftarrow C_1$ be one rule obtained by applying "linearization" to the equational axiom. Then there exist an environment $V$ and type variants $c : (\tau_1, \ldots, \tau_n) \to \tau$ and $d : (\tau'_1, \ldots, \tau'_m) \to \tau$ of the principal types of $c$ and $d$ respectively, such that $c(\bar{t}'_n), d(\bar{s}_m) \in Term^{\tau}_{\Sigma}(V)$ and $C_1$ is well-typed w.r.t. $V$. □

In the description of the transformation rules given below, the notation $c(\bar{e}_n)$ stands for $c(e_1, \ldots, e_n)$, $c \in DC^n$, $e_i \in Expr_\Sigma(DVar)$, $1 \le i \le n$. Analogously, $f(\bar{e}_n)$ is a shorthand for $f(e_1, \ldots, e_n)$, where $f \in FS^n$ and $e_i \in Expr_\Sigma(DVar)$, $1 \le i \le n$. Furthermore, all bracketed equations $[x = s]$ occurring in $S$ mean that $x = s$ only occurs in $S$ if $x \notin pvar(P)$. We regard conditions $e == e' \in E$ as symmetric for the purpose of applying goal transformations. Note that no particular strategy is assumed to select a particular part of $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, E$ to be transformed by one of the possible goal transformation rules.

6.2.1 Transformation rules for $==$

Decomposition$_{==}$:

$$\exists \bar{u} \cdot S \,\Box\, P \,\Box\, c(\bar{e}_n) == c(\bar{e}'_n), E \ \Vdash_{\mathcal{P}}\ \exists \bar{u} \cdot S \,\Box\, P \,\Box\, e_1 == e'_1, \ldots, e_n == e'_n, E$$

Mutation$_{==}$:

$$\exists \bar{u} \cdot S \,\Box\, P \,\Box\, c(\bar{e}_n) == e', E \ \Vdash_{\mathcal{P}}\ \exists \bar{x}, \bar{u} \cdot S \,\Box\, e_1 \to t_1, \ldots, e_n \to t_n, P \,\Box\, C, s == e', E$$

where $Eq : c(\bar{t}_n) \to s \Leftarrow C$ is a variant of a rule in $\mathcal{C}_\to$ with $\bar{x} = dvar(Eq)$ fresh variables.

Imitation+Decomposition$_{==}$:

$$\exists \bar{u} \cdot S \,\Box\, P \,\Box\, x == c(\bar{e}_n), E \ \Vdash_{\mathcal{P}}\ \exists \bar{x}_n, \bar{u} \cdot [x = c(\bar{x}_n)], (S \,\Box\, P \,\Box\, x_1 == e_1, \ldots, x_n == e_n, E)[x/c(\bar{x}_n)]$$

where $\bar{x}_n$ are fresh variables.
Imitation+Mutation$_{==}$:

$$\exists \bar{u} \cdot S \,\Box\, P \,\Box\, x == c(\bar{e}_n), E \ \Vdash_{\mathcal{P}}\ \exists \bar{z}, \bar{x}_m, \bar{u} \cdot [x = d(\bar{x}_m)], (S \,\Box\, x_1 \to t_1, \ldots, x_m \to t_m, P \,\Box\, C, s == c(\bar{e}_n), E)[x/d(\bar{x}_m)]$$

if $c$, $d$ are algebraic constructors of the same datatype, where $Eq : d(\bar{t}_m) \to s \Leftarrow C$ is a variant of a rule in $\mathcal{C}_\to$, $\bar{z} = dvar(Eq)$ and $\bar{x}_m$ are fresh variables.

Narrowing$_{==}$:

$$\exists \bar{u} \cdot S \,\Box\, P \,\Box\, f(\bar{e}_n) == e', E \ \Vdash_{\mathcal{P}}\ \exists \bar{x}, \bar{u} \cdot S \,\Box\, e_1 \to t_1, \ldots, e_n \to t_n, P \,\Box\, C, r == e', E$$

where $Rul : f(\bar{t}_n) \to r \Leftarrow C$ is a variant of a rule in $\mathcal{R}$ with $\bar{x} = dvar(Rul)$ fresh variables.

6.2.2 Transformation Rules for $\to$

Before presenting the transformation rules for $\to$, we need to introduce the concept of demanded variable, i.e., a variable which requires the evaluation of an expression in order to be unified with the result of such evaluation.

Definition 6.4 (Demanded variables)

Let $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, E$ be an admissible goal. A variable $x \in dvar(G)$ is demanded iff there exists a sequence of approximation statements in $P$ of the form $x_0 \to x_1, x_1 \to x_2, \ldots, x_{k-2} \to x_{k-1}, x_{k-1} \to x_k$, such that $x_0 = x$ and $x_k == e \in E$ or $e == x_k \in E$; $k = 0$ is possible, in which case $x == e \in E$ or $e == x \in E$, for some $e \in Expr_\Sigma(DVar)$.

In the following $dmvar(G)$ will denote the set of demanded variables in $G$. □
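Definition 6.4 computed over the $P$ and $E$ parts of a goal, as an added example that is not the paper's own code. Chains $x_0 \to x_1, \ldots, x_{k-1} \to x_k$ are followed backwards from the variables that form one whole side of a joinability statement; the term representation (a str is a variable, a tuple is an application) is a convention chosen here, and the goals in the test are the ones of Example 6.2.

```python
"""Added example (not from the paper): dmvar(G) for an admissible goal
G = exists u . S [] P [] E, following Definition 6.4."""


def dvar(term):
    """Set of data variables occurring in a term (str = variable, tuple = application)."""
    if isinstance(term, str):
        return {term}
    return set().union(*(dvar(a) for a in term[1:]))


def demanded_variables(P, E):
    """P is a list of approximation statements (e, t), E a list of joinability
    statements (e, e').  A variable x is demanded iff a chain of variable-to-
    variable statements x = x_0 -> x_1, ..., x_{k-1} -> x_k in P (k = 0 allowed)
    ends in a variable x_k that is itself one side of some statement in E."""
    # Case k = 0: variables that are a complete side of a joinability statement.
    targets = {side for lhs, rhs in E for side in (lhs, rhs) if isinstance(side, str)}
    # Edges x_i -> x_{i+1} come only from statements whose both sides are variables;
    # a statement like coin -> x or x -> 0 contributes no edge.
    edges = {}
    for e, t in P:
        if isinstance(e, str) and isinstance(t, str):
            edges.setdefault(e, set()).add(t)
    # Walk the edges backwards from the targets.
    demanded = set(targets)
    frontier = list(targets)
    while frontier:
        x = frontier.pop()
        for y, successors in edges.items():
            if x in successors and y not in demanded:
                demanded.add(y)
                frontier.append(y)
    return demanded


def goal_variables(P, E):
    """dvar(G) restricted to the P and E parts."""
    return set().union(*(dvar(e) | dvar(t) for e, t in P + E)) if P + E else set()
```

For $G_1 = \exists x \cdot \Box\, coin \to x \,\Box\, plus(x, x) == R$ of Example 6.2 the function returns only $R$: $x$ occurs in $E$ but not as a whole side of a statement, which is why the suspension $coin \to x$ is not awakened at that point.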

As we will see below in Definition 6.5, any solution (partial data substitution
$\sigma_d$) for $G$ must guarantee the existence of GORC-proofs for all joinability and
approximation statements in $G$ affected by $\sigma_d$. Due to the semantics of joinability
and approximation statements (see Theorems 4.3 and 5.10), solutions must compute
totally defined values for demanded variables. Thus, in statements of the form
$f(\bar{e}_n) \to x$, $f \in FS^n$, or $c(\bar{e}_n) \to x$, $c \in DC^n$, with $x \in dmvar(G)$, the evaluation
of $f(\bar{e}_n)$ or $c(\bar{e}_n)$, respectively, is needed (see transformation rules Mutation$_\to$,
Imitation$_\to$ and Narrowing$_\to$ below). Otherwise ($x$ is not demanded) such evaluation
is delayed until the application of some other goal transformation produces a non-variable
binding for $x$, or causes $x$ to become demanded, or causes $x$ to disappear from the
rest of the goal, in which case $f(\bar{e}_n) \to x$ (respectively $c(\bar{e}_n) \to x$) can be eliminated
by using Elimination$_\to$. As we have discussed above, these mechanisms achieve the
effect of sharing. Moreover, it is because we avoid processing such approximation
statements eagerly that we can speak of lazy narrowing. As in some other related
works such as (?; ?; ?), by laziness we mean that our narrowing calculus has the
ability to delay the unification of parameter expressions with the left-hand sides
of rewrite rules. This is needed for completeness, since both innermost and outermost
narrowing are known to be incomplete (?). Nevertheless, we do not claim that
LNCEC computations perform only needed steps. On the contrary, LNCEC computations
with redundant steps are possible, partly because of unnecessary mutation
transformations and partly due to other reasons; see the discussion in (?), Sect. 8. Actual
programming languages based on our ideas should implement refinements of
LNCEC which avoid unneeded computations, in particular, redundant mutations.
A first attempt in this direction, limited to a language with multisets and arbitrary
free data constructors, has been presented in (?). The concept of needed narrowing
(?; ?), based on Huet and Lévy's theory of needed reductions (?; ?), gives a
strategy which avoids unneeded narrowing steps for so called inductively sequential
rewrite rules. However, to the best of our knowledge there is no theory of needed reductions
which can be applied to rewriting/narrowing modulo equational axioms for
data constructors. Even for the case of multisets, the notion of needed reduction
becomes unclear. For instance, matching a simple pattern such as $\{[0 \mid xs]\}$ requires
an unpredictable amount of evaluation for the matching expression.
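As an added illustration, not part of the paper, the following Python routine computes $dmvar(G)$ from the $P$ and $E$ parts of a goal exactly as Definition 6.4 prescribes: it follows chains of variable-to-variable approximation statements in $P$ until it reaches a variable that is a whole side of some strict equality in $E$ (the $k = 0$ case being a variable that already occurs there). A second routine lists the statements $f(\bar{e}_n) \to x$ or $c(\bar{e}_n) \to x$ whose evaluation is needed now, as discussed in the paragraph above. The encoding of goals as Python tuples and the sample goal are assumptions of this example.

```python
from collections import deque

# Goal encoding (assumption of this example): variables are Python strings,
# applications are tuples (symbol, arg_1, ..., arg_n).  P is a list of pairs
# (lhs, rhs) read as "lhs -> rhs", E a list of pairs read as "lhs == rhs".

def is_var(e):
    return isinstance(e, str)

def demanded_variables(P, E):
    """dmvar(G) for G = ∃u.S □ P □ E (Definition 6.4): x is demanded iff a chain
    x = x0 -> x1 -> ... -> xk of approximation statements in P (k = 0 allowed)
    ends in a variable xk that is one whole side of a strict equality in E."""
    # variables that are a whole side of some e == e' in E (the k = 0 case)
    targets = {side for (l, r) in E for side in (l, r) if is_var(side)}
    # edges x_i -> x_{i+1} contributed by variable-to-variable statements in P
    succ = {}
    for (l, r) in P:
        if is_var(l) and is_var(r):
            succ.setdefault(l, set()).add(r)
    demanded = set()
    for x in set(succ) | targets:
        seen, queue = {x}, deque([x])
        while queue:
            y = queue.popleft()
            if y in targets:        # a target is reachable from x: x is demanded
                demanded.add(x)
                break
            for z in succ.get(y, ()):
                if z not in seen:
                    seen.add(z)
                    queue.append(z)
    return demanded

def needed_evaluations(P, E):
    """Approximation statements f(e_n) -> x or c(e_n) -> x of P whose right-hand
    side is demanded; these are the ones Mutation, Imitation and Narrowing must
    process, the others may be delayed or later removed by Elimination."""
    dm = demanded_variables(P, E)
    return [(l, r) for (l, r) in P if not is_var(l) and is_var(r) and r in dm]

if __name__ == "__main__":
    # Constructed goal:  f(a) -> x, x -> y, y -> z, c(u) -> v  □  z == Suc(w), Suc(u) == Suc(Zero)
    P = [(("f", ("a",)), "x"), ("x", "y"), ("y", "z"), (("c", "u"), "v")]
    E = [("z", ("Suc", "w")), (("Suc", "u"), ("Suc", ("Zero",)))]
    print(sorted(demanded_variables(P, E)))   # x, y, z are demanded; v and w are not
    print(needed_evaluations(P, E))           # only f(a) -> x must be evaluated now
```

In the sample goal, $v$ is not demanded because no chain from $v$ reaches a whole side of a strict equality, so $c(u) \to v$ may stay in the goal until $v$ is bound, becomes demanded, or is eliminated; $w$ occurs only inside $Suc(w)$ and is not a side of any equality either.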
The transformation rules for $\to$ are the following:

Decomposition$_\to$:

$\exists \bar{u} \cdot S \Box c(\bar{e}_n) \to c(\bar{t}_n), P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box e_1 \to t_1, \ldots, e_n \to t_n, P \Box E$

Mutation$_\to$:

$\exists \bar{u} \cdot S \Box c(\bar{e}_n) \to t, P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box e_1 \to t_1, \ldots, e_n \to t_n, s \to t, P \Box C, E$

If $t \notin DVar$ or $t \in dmvar(G)$, where $Eq : c(\bar{t}_n) \to s \Leftarrow C$ is a variant of a rule
in $\mathcal{C}_\to$, with $\bar{x} = dvar(Eq)$ fresh variables.

Imitation+Decomposition$_\to$:

$\exists \bar{u} \cdot S \Box x \to c(\bar{t}_n), P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{x}_n, \bar{u} \cdot [x = c(\bar{x}_n)], (S \Box x_1 \to t_1, \ldots, x_n \to t_n, P \Box E)[x/c(\bar{x}_n)]$

where $\bar{x}_n$ are fresh variables.

Imitation+Mutation$_\to$:

$\exists \bar{u} \cdot S \Box x \to c(\bar{t}_n), P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{z}, \bar{x}_m, \bar{u} \cdot [x = d(\bar{x}_m)], (S \Box x_1 \to s_1, \ldots, x_m \to s_m, s \to c(\bar{t}_n), P \Box C, E)[x/d(\bar{x}_m)]$

If $c, d$ are algebraic data constructors of the same datatype, where
$Eq : d(\bar{s}_m) \to s \Leftarrow C$ is a variant of a rule in $\mathcal{C}_\to$, $\bar{z} = dvar(Eq)$,
and $\bar{x}_m$ are fresh variables.

Imitation$_\to$:

$\exists x, \bar{u} \cdot S \Box c(\bar{e}_n) \to x, P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{x}_n, \bar{u} \cdot S \Box (e_1 \to x_1, \ldots, e_n \to x_n, P \Box E)[x/c(\bar{x}_n)]$

If $x \in dmvar(G)$, where $\bar{x}_n$ are fresh variables.

Elimination$_\to$:

$\exists x, \bar{u} \cdot S \Box e \to x, P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box P \Box E$

If $x \notin dvar(P \Box E)$.

Narrowing$_\to$:

$\exists \bar{u} \cdot S \Box f(\bar{e}_n) \to t, P \Box E \;\leadsto_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box e_1 \to t_1, \ldots, e_n \to t_n, r \to t, P \Box C, E$

If $t \notin DVar$ or $t \in dmvar(G)$, where $Rul : f(\bar{t}_n) \to r \Leftarrow C$ is a variant of a rule
in $\mathcal{R}$, and $\bar{x} = dvar(Rul)$ are fresh variables.

6.2.3 Failure Rules

The failure rules below should be applied before the rest of the $\leadsto_{\mathcal{P}}$-rules in order to
detect failures as soon as possible. The set $svar(e)$ in rule Cycle denotes the set of
safe variables occurring in $e$, i.e. the set of variables $x$ such that $x$ occurs in $e$ at
some position whose ancestor positions are all occupied by free constructors. In (?),
a different notion of safe variable is used: "$x$ is safe in $e$ iff $x$ occurs in $e$ at some
position whose ancestor positions are all occupied by constructors". This notion
wouldn't lead to a correct Cycle rule in a language with algebraic constructors. For
instance, in our framework, if $c(a) \approx a \in \mathcal{C}$ then $x == c(x)$ has the solution $x = a$.

Conflict$_{==}$:

$\exists \bar{u} \cdot S \Box P \Box c(\bar{e}_n) == d(\bar{e}'_m), E \;\leadsto_{\mathcal{P}}\; FAIL$

If $c \neq d$ and $c, d$ are free constructors, or $c$ is free and $d$ is algebraic,
or $c$ is algebraic and $d$ is free.

Cycle:

$\exists \bar{u} \cdot S \Box P \Box E \;\leadsto_{\mathcal{P}}\; FAIL$

If $E$ contains a variable cycle, i.e., a sequence of strict equalities of the form:

$x_0 == e_1[x_1],\; x_1 == e_2[x_2],\; \ldots,\; x_{n-2} == e_{n-1}[x_{n-1}],\; x_{n-1} == e_n[x_0]$,

where $n \geq 1$, $x_i \in DVar$, $0 \leq i \leq n-1$, and $e_i[x_j] \in Expr_\Sigma(DVar) - DVar$,
$1 \leq i \leq n$, represents an expression $e_i$ in which $x_j \in svar(e_i)$.

Conflict$_\to$:

$\exists \bar{u} \cdot S \Box c(\bar{e}_n) \to d(\bar{t}_m), P \Box E \;\leadsto_{\mathcal{P}}\; FAIL$

If $c \neq d$ and $c, d$ are free constructors, or $c$ is free and $d$ is algebraic,
or $c$ is algebraic and $d$ is free.

The rule Cycle above is a generalization of that presented in (?). In (?) an "occur-check"
failure is detected by the rule Cycle$^*$: $\exists \bar{u} \cdot S \Box P \Box x == e, E \;\leadsto_{\mathcal{P}}\; FAIL$, if
$e \notin DVar$ and $x \in svar(e)$. In our setting, such a rule is not enough. For instance,
Cycle$^*$ applied to the goal $G = \Box\Box x == Suc(y), y == Suc(x)$ would be unable to
detect failure, whereas Cycle is. Note that no LNCEC transformation can convert
$G$ into the goal $G' = \Box\Box x == Suc(Suc(x)), y == Suc(x)$, where Cycle$^*$ would suffice
to detect the failure.
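The following Python code is an added example, not part of the paper, of the Cycle rule as stated above: it computes $svar(e)$ with respect to a declared set of free constructors (every other constructor is treated as algebraic), builds the graph whose edges go from a variable $x$ to the safe variables of the expression it is strictly equated with, and reports a variable cycle if that graph has a cycle. The one-step Cycle$^*$ check is included for comparison. The tuple encoding of expressions and the choice of $Suc$ and $Zero$ as free constructors are assumptions of the example.

```python
# Expressions (assumption of this example): variables are Python strings,
# applications are tuples (symbol, arg_1, ..., arg_n).  E is a list of pairs
# (lhs, rhs) read as the strict equality "lhs == rhs".

def svar(e, free):
    """Safe variables of e: variables reachable from the root of e through
    positions occupied by free constructors only (an algebraic constructor
    above a variable hides it, since C-axioms may rewrite it away)."""
    if isinstance(e, str):
        return {e}
    sym, *args = e
    if sym not in free:
        return set()
    out = set()
    for a in args:
        out |= svar(a, free)
    return out

def has_variable_cycle(E, free):
    """Failure rule Cycle: x_0 == e_1[x_1], ..., x_{n-1} == e_n[x_0] with
    x_j in svar(e_i) and e_i not a variable (n = 1 is the plain occur check)."""
    edges = {}
    for l, r in E:
        for v, e in ((l, r), (r, l)):
            if isinstance(v, str) and not isinstance(e, str):
                for w in svar(e, free):
                    edges.setdefault(v, set()).add(w)
    # depth-first search for a back edge (grey node reached again)
    WHITE, GREY, BLACK = 0, 1, 2
    color = {}

    def visit(v):
        color[v] = GREY
        for w in edges.get(v, ()):
            c = color.get(w, WHITE)
            if c == GREY or (c == WHITE and visit(w)):
                return True
        color[v] = BLACK
        return False

    return any(color.get(v, WHITE) == WHITE and visit(v) for v in list(edges))

def cycle_star(E, free):
    """Cycle* from LNC: only the one-statement occur check x == e, x in svar(e)."""
    return any(isinstance(v, str) and not isinstance(e, str) and v in svar(e, free)
               for l, r in E for v, e in ((l, r), (r, l)))

if __name__ == "__main__":
    free = {"Suc", "Zero"}                       # c below is left algebraic on purpose
    G = [("x", ("Suc", "y")), ("y", ("Suc", "x"))]
    print(has_variable_cycle(G, free), cycle_star(G, free))   # Cycle fails G, Cycle* does not
    print(has_variable_cycle([("x", ("c", "x"))], free))      # x == c(x) is not a failure
```

With $c$ algebraic, $x == c(x)$ produces no edge at all, which is exactly why the rule must use safe variables rather than all variables below constructors: under $c(a) \approx a$ the goal is satisfiable by $x = a$, as noted above.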

6.2.4 Variable Elimination Rules

Produced variable elimination:

$\exists y, \bar{u} \cdot S \Box x \to y, P \Box E \;\leadsto_{DVar}\; \exists \bar{u} \cdot S \Box (P \Box E)[y/x]$

Identity:

$\exists \bar{u} \cdot S \Box P \Box x == x, E \;\leadsto_{DVar}\; \exists \bar{u} \cdot S \Box P \Box E$

If $x \notin pvar(P)$.

Non-produced variable elimination:

$\exists \bar{u} \cdot S \Box P \Box x == y, E \;\leadsto_{DVar}\; \exists \bar{u} \cdot x = y, (S \Box P \Box E)[x/y]$

If $x, y \notin pvar(P)$.

Differently from (?), $\leadsto_{\mathcal{P}}$ needs don't know choice in the application of transformation
rules$^4$. The reason is the incorporation of equational axioms for algebraic
constructors. More precisely, when a statement $c(\bar{e}_n) == c(\bar{e}'_n)$ (respectively
$c(\bar{e}_n) \to c(\bar{e}'_n)$), where $c$ is algebraic, has to be reduced, it is not known in advance
which transformation rule (Decomposition$_\diamond$ or Mutation$_\diamond$, where $\diamond \in \{==, \to\}$)
will succeed. For instance, considering $c(a) \approx c(b) \in \mathcal{C}$, where $a$ and $b$ are free
constant symbols, we get that $c(a) == c(b)$ must be reduced using Mutation$_{==}$ but
$c(a) == c(a)$ should be reduced using Decomposition$_{==}$. However, in both cases,
both rules are applicable. Some other times, frequently in the presence of variables, both
rules are able to capture a solution, even the same one. For instance, consider the goal
$\Box\Box c(a) == c(x)$, which clearly has as possible solutions $\{x = a\}$ and $\{x = b\}$. Using
Decomposition$_{==}$ and Imitation+Decomposition$_{==}$ we get the solution $\{x = a\}$.
Now, applying Mutation$_{==}$ to $c(a)$ with $c(a) \to c(b) \in \mathcal{C}_\to$, Decomposition$_{==}$ and
Imitation+Decomposition$_{==}$ we get another solution $\{x = b\}$. Furthermore, applying
Mutation$_{==}$ to $c(x)$ with $c(a) \to c(b) \in \mathcal{C}_\to$ we can again capture the solution
$\{x = a\}$ computed previously. This shows that LNCEC can compute repeated
solutions, something undesirable from a practical point of view and a practical
weakness of the calculus.

Another problem is that mutations with respect to "symmetric" $\mathcal{C}$-equations such
as $\{[x, y \mid zs]\} \approx \{[y, x \mid zs]\}$ can lead to infinite LNCEC-derivations. This difficulty can
be avoided in an implementation, as we have explored in (?) for the particular case 
of the datatype multiset. There are also some known techniques to alleviate the 
problem of computing redundant solutions for set unification problems (?; ?). At 
the level of arbitrary equational data constructors (even under the restriction to 
strongly regular equations), it seems quite hard to design more efficient narrowing 
calculi, without sacrificing completeness. We will come back to this point in the 
next section. 

6.3 Solutions

In order to establish the soundness and completeness of LNCEC, we must define
the notion of solution. Our definition refers to the rewriting calculi from Section 4.
However, Theorem 5.10 shows that solutions can also be characterized in terms of
the free term models $\mathcal{M}_{\mathcal{P}}(V)$.

Definition 6.5 (Solution)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program. Let $G = \exists \bar{u} \cdot S \Box P \Box E$ be an admissible goal for $\mathcal{P}$
and $\sigma_d \in DSub_\bot$. We say that $\sigma_d$ is a solution of $G$ iff

(TOT) $x\sigma_d \in Term_\Sigma(DVar)$ is a total data term for all $x \in DVar - pvar(P)$;

(EQ) $x\sigma_d = s\sigma_d$ for all $x = s \in S$;

(GORC) For all $e == e' \in E$ and $e'' \to t \in P$ there exists a GORC-proof of
$e\sigma_d == e'\sigma_d$ and $e''\sigma_d \to t\sigma_d$ respectively. The multiset composed of all such
GORC-proofs will be called a witness $\mathcal{M}$ for $G$ and $\sigma_d$.

In the following $Sol(G)$ will denote the set of all solutions for $G$. $\Box$

$^4$ Of course don't know non-determinism also appears in the selection of $\mathcal{C}$-equations and program
rules to be applied.

Solutions for goals are partial data substitutions. This is because of the presence
of produced variables. Such variables, which are not present in initial goals, can
appear (existentially quantified) in intermediate goals of a computation. Since they
occur in right-hand sides of approximation statements, they serve to express approximation
and thus may need to be given only partial values. For instance, consider
the functions $duo : Set(\alpha) \to Bool$ and $om : \to \alpha$ defined in Example 4.4. Consider
now the admissible goal $G = \Box\Box duo(\{om\}) == True$, which has the empty
substitution as solution. By applying Narrowing$_{==}$ using the program rule variant
$duo(\{x_1, y_1\}) \to True$, we get $G' = \exists x_1, y_1 \cdot \Box \{om\} \to \{x_1, y_1\} \Box True == True$.
Clearly, any solution $\sigma'_d$ for $G'$ must map $x_1$ and $y_1$ (produced variables) to $\bot$.
Otherwise there is no witness for $\{om\} \to \{x_1, y_1\}\sigma'_d$. Notice that for initial goals
(where only $E$ is present), solutions are total data substitutions due to condition
(TOT) in Definition 6.5.

In spite of algebraic data constructors, condition (EQ) in Definition 6.5 requires
syntactic identity. The reason is that the solved part $S$ of a goal represents a
partially computed answer substitution. Moreover, LNCEC enumerates nondeterministically
all the possible solutions to any admissible goal, even those being
equivalent modulo $\mathcal{C}$. This is because the transformation rules Imitation$_\diamond$,
Imitation+Decomposition$_\diamond$ and Imitation+Mutation$_\diamond$, where $\diamond \in \{\to, ==\}$, have
been designed purposefully to mimic the proof steps of any given solution witness.
In particular, given a solution $\sigma_d$ for a goal $G$, LNCEC can choose to propagate
bindings $x/t$ in such a way that the new resulting goal $G'$ has a solution $\sigma'_d$ such
that $x\sigma_d$ is syntactically identical to $t\sigma'_d$. The following example will clarify this
idea.

Example 6.6

Consider an admissible goal of the form $G = \exists \bar{u} \cdot S \Box x \to c(\bar{t}_n), P \Box E$ having a
solution $\sigma_d$. Let us analyze the witness $\mathcal{M}$ associated to $G$ and $\sigma_d$. If the GORC-proof
in $\mathcal{M}$ for $x\sigma_d \to c(\bar{t}_n)\sigma_d$ uses:

(1) (DC) as last inference step, then it holds that $x\sigma_d = c(\bar{s}_n)$ and $\mathcal{M}$ contains
subproofs for $s_i \to t_i\sigma_d$, $1 \leq i \leq n$. By applying the propagation rule
Imitation+Decomposition$_\to$, the resulting goal has a solution $\sigma'_d$ defined as
$\sigma'_d(x_i) = s_i$, $1 \leq i \leq n$, so that $\sigma'_d = \sigma_d[\setminus\{x_1, \ldots, x_n\}]$ and $x\sigma_d$ is syntactically equal
to $c(\bar{x}_n)\sigma'_d$;

(2) (OMUT) as last inference step, then $x\sigma_d = d(\bar{s}_m)$ and there exists
$Eq : d(s'_1, \ldots, s'_m) \to s'' \Leftarrow C \in [\mathcal{C}]_\to$ such that the GORC-proof for $x\sigma_d \to c(\bar{t}_n)\sigma_d$ in $\mathcal{M}$
contains subproofs for $s_i \to s'_i$, $C$ and $s'' \to c(\bar{t}_n)\sigma_d$ respectively. Trivially there exists
a fresh variant $Eq' : d(s^*_1, \ldots, s^*_m) \to s^* \Leftarrow C^*$ in $\mathcal{C}_\to$ such that $Eq = Eq'\theta_d$
for some $\theta_d \in DSub_\bot$. By applying the propagation rule Imitation+Mutation$_\to$
with $Eq'$, the resulting goal has as solution $\sigma'_d$ defined as $\sigma'_d(x_i) = s_i$, $1 \leq i \leq m$,
$\sigma'_d(x) = \theta_d(x)$ for all $x \in dvar(Eq')$, and $\sigma'_d(x) = \sigma_d(x)$ otherwise, where $\sigma'_d$
verifies that $x\sigma_d$ is syntactically equal to $d(\bar{x}_m)\sigma'_d$. $\blacksquare$

Similar considerations motivate the design of all the transformation rules for
LNCEC. They are chosen to enable a completeness proof (Lemma 7.4) that relies
on a multiset ordering for witnesses (Definition 7.3), as we will see in the next section.



7 Soundness and Completeness of LNCEC

In this section we establish the soundness and completeness of LNCEC w.r.t. the
notion of solution given in Definition 6.5 above. First, we present a correctness
lemma which ensures that $\leadsto_{DVar}$-steps preserve quasi-solved goals, $\leadsto_{\mathcal{P}}$-steps
preserve admissibility of goals and fail only in case of unsatisfiable goals, and $\leadsto_{\mathcal{P}}$,
$\leadsto_{DVar}$-steps do not introduce new solutions. The proof proceeds by inspecting
all $\leadsto_{\mathcal{P}}$ and $\leadsto_{DVar}$ transformation rules and can be found in Appendix B.

Lemma 7.1 (Correctness lemma)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular. Let $G$ be an admissible
goal. Then:

(Invariance$_1$) If $G \leadsto_{\mathcal{P}} G'$ and $G$ is admissible, then $G'$ is admissible;

(Invariance$_2$) If $G \leadsto_{DVar} G'$ and $G$ is quasi-solved then $G'$ is quasi-solved;

(Correctness$_1$) If $G \leadsto_{\mathcal{P}} FAIL$ then $Sol(G) = \emptyset$;

(Correctness$_2$) If $G \leadsto_{\mathcal{P}} G'$ or $G \leadsto_{DVar} G'$ and $\sigma'_d \in Sol(G')$ then there exists
$\sigma_d \in Sol(G)$ with $\sigma_d = \sigma'_d[\setminus(evar(G) \cup evar(G'))]$. $\Box$

From Lemma 7.1 we can easily prove the following correctness theorem.

Theorem 7.2 (Correctness of LNCEC)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular. Let $G$ be an initial goal
and $G'$ a quasi-solved goal such that $G \leadsto^*_{\mathcal{P}} G' \leadsto^*_{DVar} G'' = \exists \bar{u} \cdot S \Box\Box$. Then
$\sigma_{d_S} \in Sol(G)$. $\Box$

Proof

First note that $\sigma_{d_S}$ is trivially a solution for the goal $G'' = \exists \bar{u} \cdot S \Box\Box$. On the other
hand, suppose that the derivation $G \leadsto^*_{\mathcal{P}} G' \leadsto^*_{DVar} G''$ has the form:

$G = G_0 \leadsto_{\mathcal{P}} G_1 \leadsto_{\mathcal{P}} \cdots \leadsto_{\mathcal{P}} G_i = G' \leadsto_{DVar} G_{i+1} \leadsto_{DVar} \cdots \leadsto_{DVar} G_n = G''$

Now, if we repeatedly apply backwards item (Correctness$_2$) of Lemma 7.1 we
have that there exists a solution $\sigma_d$ of $G$ such that $\sigma_d = \sigma_{d_S}[\setminus \bigcup_{i=0}^{n} evar(G_i)]$. But
noting that $evar(G) = \emptyset$ and $dvar(G) \cap \bigcup_{i=0}^{n} evar(G_i) = \emptyset$, we can conclude that
$\sigma_d = \sigma_{d_S}[dvar(G)]$. But then, since $\sigma_{d_S}$ is a total data substitution, we have that
$\sigma_{d_S} \in Sol(G)$. $\Box$

We address now the question of completeness of LNCEC. Given a solution $\sigma_d$ of
a goal $G$ we need to ensure the existence of some terminating sequence of LNCEC-transformations,
leading to a goal in solved form whose associated data substitution
is more general than $\sigma_d$, modulo the finite set $\mathcal{C}$ of equational axioms. The completeness
proof relies on a multiset ordering for witnesses (defined in Definition 6.5).
The definition of this ordering is borrowed from (?).

Definition 7.3 (Multiset ordering for proofs)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program and $\mathcal{M} = \{\Pi_1, \ldots, \Pi_n\}$, $\mathcal{M}' = \{\Pi'_1, \ldots, \Pi'_m\}$
multisets of GORC-proofs of approximation and joinability statements. We define
$\mathcal{M} < \mathcal{M}'$ iff $\{|\Pi_1|, \ldots, |\Pi_n|\} \prec \{|\Pi'_1|, \ldots, |\Pi'_m|\}$, where $|\Pi|$ is the size (i.e. the
number of inference steps) of $\Pi$, and $\prec$ is the multiset extension (?) of the usual
ordering over the natural numbers. $\Box$

Then, in order to prove that LNCEC is complete, we can argue as follows: Given any
non-quasi-solved admissible goal $G = \exists \bar{u} \cdot S \Box P \Box E$ and $\sigma_d \in Sol(G)$ with witness
$\mathcal{M}$, there exists a $\leadsto_{\mathcal{P}}$-transformation rule $T$ such that $G \leadsto_{\mathcal{P}} G'$ by applying $T$
and $G'$ has a solution $\sigma'_d$ with witness $\mathcal{M}' < \mathcal{M}$. Note that this holds for Example
6.6, since in item (1) $\mathcal{M}'$ loses one application of the GORC-rule (DC) whereas in
item (2) $\mathcal{M}'$ loses one application of the GORC-rule (OMUT). Analyzing all the
possible forms of an admissible goal and reasoning as suggested by Example 6.6
we can state the following progress lemma, whose complete proof can be found in
Appendix B.

Lemma 7.4 (Progress lemma for $\leadsto_{\mathcal{P}}$)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program where $\mathcal{C}$ is strongly regular. Let $G$ be a non quasi-solved
admissible goal (different from $FAIL$ and such that no failure rules can be
applied to it), $\sigma_d \in Sol(G)$ and $\mathcal{M}$ a witness for $G$ and $\sigma_d$. Then, there exists a
$\leadsto_{\mathcal{P}}$-transformation rule $T$ such that $G \leadsto_{\mathcal{P}} G'$ using $T$ and:

• there exists $\sigma'_d \in Sol(G')$ such that $\sigma_d = \sigma'_d[\setminus(evar(G) \cup evar(G'))]$;

• there exists $\mathcal{M}'$, a witness for $G'$ and $\sigma'_d$, such that $\mathcal{M}' < \mathcal{M}$;

• if $G$ and $\mathcal{P}$ are well-typed then for all $V \in env(G)$, there exists $V' \supseteq V$ such
that $V' \in env(G')$. $\Box$

Using the progress lemma, we can now prove the following completeness result
for $\leadsto_{\mathcal{P}}$:

Theorem 7.5 (Completeness of $\leadsto_{\mathcal{P}}$)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular, $G$ an initial goal and
$\sigma_d \in Sol(G)$. Then there exist a quasi-solved goal $G'$ and $\sigma'_d \in Sol(G')$ such that
$G \leadsto^*_{\mathcal{P}} G'$ and $\sigma_d = \sigma'_d[dvar(G)]$. Furthermore, if $G$ and $\mathcal{P}$ are well-typed then
for any environment $V \in env(G)$, there exists an environment $V' \supseteq V$ such that
$V' \in env(G')$. $\Box$

Proof

Thanks to Lemma 7.4 it is possible to build a $\leadsto_{\mathcal{P}}$-derivation $G = G_0 \leadsto_{\mathcal{P}} G_1
\leadsto_{\mathcal{P}} G_2 \leadsto_{\mathcal{P}} \cdots$ for which there exist $\sigma_d = \sigma_{d_0}, \sigma_{d_1}, \sigma_{d_2}, \ldots$ and $\mathcal{M} = \mathcal{M}_0, \mathcal{M}_1,
\mathcal{M}_2, \ldots$ such that $\sigma_{d_i} \in Sol(G_i)$, $x\sigma_{d_i} = x\sigma_{d_{i-1}}$ for all $x \in DVar - (evar(G_{i-1}) \cup
evar(G_i))$, $\mathcal{M}_i$ is a witness for $G_i$ and $\sigma_{d_i}$, and $\mathcal{M}_i < \mathcal{M}_{i-1}$. Since $<$ is a well-founded
ordering, such a derivation is finite and finishes with a quasi-solved goal $G_n = G'$.
Furthermore, since $G$ has no existential variables it holds that $\sigma_d = \sigma_{d_n}[dvar(G)]$.
The last part of the theorem follows from the well-typedness of $G$, $\mathcal{P}$ and the last
item in Lemma 7.4. $\Box$
Note that $\leadsto_{\mathcal{P}}$-rules involving algebraic data constructors and propagating bindings
have two versions. The first one is a standard imitation whereas the second one
combines imitation of the outermost constructor in some $\mathcal{C}$-equation with mutation
via that $\mathcal{C}$-equation. With these rules the termination of $\leadsto_{\mathcal{P}}$ is ensured since the
selection of the transformation rule for getting $G'$ from $G$ depends very directly
on the witness associated to the given solution (as seen in Example 6.6 and in the
proof of Lemma 7.4). In Appendix A we present an alternative narrowing calculus,
which results from the calculus LNC from (?) by adding mutation rules in the spirit
of (?). This alternative is less indeterministic than LNCEC. On the negative side,
redundant and/or diverging computations due to mutation transformations are still
possible.

As for soundness and completeness, the calculus shown in Appendix A is obviously
correct in the sense of Theorem 7.2. Unfortunately, we have been unable to
prove the analogue of the progress lemma 7.4. The reason is that propagations of a
binding $x/t$ can cause the witness for the new goal to include a big number of mutation
steps, thus preventing it from decreasing w.r.t. the multiset ordering. For instance,
consider the initial goal $G = \Box\Box x == b, c(x) == c(a)$, where $c$ is a free data constructor
and $a \approx b \in \mathcal{C}$. Let $\sigma_d = \{x/a\}$ be a solution for $G$. Assume that instead of
having our rule Imitation+Mutation$_{==}$, we had the binding rule Binding presented
in Appendix A. Applying this rule to $G$ we get $G' = x = b \Box\Box c(b) == c(a)$. Considering
Definition 6.5 but replacing (EQ) by equality modulo $\mathcal{C}$ we get that $G'$ has
two possible solutions: $\sigma'_d = \{x/a\}$ or $\sigma'_d = \{x/b\}$. Assume now that $\mathcal{M}$ (a witness
for $G$ and $\sigma_d$) has a GORC-proof $\Pi$ for $c(a) == c(a)$ consisting of:

(1) one application of rule (J) for proving $c(a) == c(a)$ by proving that $c(a) \to c(a)$;

(2) one application of rule (DC) for proving that $c(a) \to c(a)$ by proving that
$a \to a$. Since (1) requires proving $c(a) \to c(a)$ twice, in fact we have two
applications of (DC);

(3) one application of (DC) for proving that $a \to a$. Again by (2) we have two
applications of (DC).

Thus $\Pi$ has 5 inference steps. But any GORC-proof $\Pi'$ for $c(a) == c(b)$ has
more inference steps than $\Pi$. That is, there is no witness for $G'$ decreasing w.r.t. $<$. We
conjecture that the goal solving calculus given in Appendix A is also complete, but
we were unable to find a termination ordering for the completeness proof. To prove
completeness of this calculus is an interesting open problem, since its behaviour
is less wildly indeterministic. Therefore, it is much better suited as a basis for
implementations.
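The following Python code is an added example, not part of the paper, that makes the counting argument above and the ordering of Definition 7.3 concrete. It computes minimal GORC proof sizes for ground constructor terms over the oriented instances of $a \approx b$; since the example has no defined functions and only ground total terms, the rules (DC), (OMUT) and (J) suffice. It reproduces the 5-step witness $\Pi$ for $c(a) == c(a)$, shows that $c(b) == c(a)$ needs 6 steps, and compares the witnesses of $G$ and $G'$ with the multiset ordering, implemented for a total base order as lexicographic comparison of the descending-sorted size sequences. The depth bound `fuel`, the tuple encoding of terms and the restriction to ground $\mathcal{C}$-instances are assumptions of this example.

```python
from functools import lru_cache
from itertools import product

INF = float("inf")

# Ground data terms (assumption of this example): tuples (symbol, arg_1, ..., arg_n);
# constants are 1-tuples.  Variables, which occur only before substitution, are strings.
A, B = ("a",), ("b",)

def c(t):
    """The free unary constructor c of the example."""
    return ("c", t)

# a ≈ b ∈ C, oriented both ways: the ground instances used by (OMUT).
C_ORIENTED = ((A, B), (B, A))

def approx_size(e, t, fuel=6, rules=C_ORIENTED):
    """Minimal number of inference steps of a GORC proof of e -> t using (DC) and
    (OMUT) only (e, t ground and total, so (B), (RR) and (OR) never apply);
    INF if no proof of depth <= fuel exists."""
    @lru_cache(maxsize=None)
    def go(e, t, fuel):
        if fuel == 0:
            return INF
        best = INF
        if e[0] == t[0] and len(e) == len(t):                   # (DC)
            best = 1 + sum(go(ei, ti, fuel - 1) for ei, ti in zip(e[1:], t[1:]))
        for lhs, s in rules:                                     # (OMUT)
            if lhs[0] == e[0] and len(lhs) == len(e):
                args = sum(go(ei, li, fuel - 1) for ei, li in zip(e[1:], lhs[1:]))
                best = min(best, 1 + args + go(s, t, fuel - 1))
        return best
    return go(e, t, fuel)

def reachable(e, fuel=6, rules=C_ORIENTED):
    """Total terms t with some GORC proof of e -> t of depth <= fuel."""
    if fuel == 0:
        return set()
    subs = [reachable(ei, fuel - 1, rules) for ei in e[1:]]
    out = {(e[0], *combo) for combo in product(*subs)}           # (DC)
    for lhs, s in rules:                                         # (OMUT)
        if lhs[0] == e[0] and len(lhs) == len(e) and \
                all(li in si for li, si in zip(lhs[1:], subs)):
            out |= reachable(s, fuel - 1, rules)
    return out

def join_size(e, e2, fuel=6, rules=C_ORIENTED):
    """Minimal size of a GORC proof of e == e2: one (J) step plus proofs of
    e -> t and e2 -> t for the best common total term t."""
    cands = reachable(e, fuel, rules) & reachable(e2, fuel, rules)
    if not cands:
        return INF
    return 1 + min(approx_size(e, t, fuel, rules) + approx_size(e2, t, fuel, rules)
                   for t in cands)

def subst(e, sigma):
    """Apply a data substitution (dict variable -> ground term) to an expression."""
    if isinstance(e, str):
        return sigma.get(e, e)
    return (e[0], *(subst(a, sigma) for a in e[1:]))

def witness_sizes(E, sigma, fuel=6, rules=C_ORIENTED):
    """|Π| for each joinability statement of E under sigma, as a sorted multiset."""
    return sorted(join_size(subst(l, sigma), subst(r, sigma), fuel, rules)
                  for l, r in E)

def multiset_less(M, M2):
    """M ≺ M2 in the multiset extension of < on naturals.  For a total base order
    this is the lexicographic comparison of the descending-sorted sequences,
    a proper prefix being smaller."""
    return sorted(M, reverse=True) < sorted(M2, reverse=True)

if __name__ == "__main__":
    G = [("x", B), (("c", "x"), c(A))]            # G  = x == b, c(x) == c(a)
    M = witness_sizes(G, {"x": A})                # witness under {x/a}: sizes [4, 5]
    M2 = witness_sizes([(c(B), c(A))], {})        # G' after Binding x/b: c(b) == c(a)
    print(M, M2, multiset_less(M2, M))            # M2 is not smaller than M
```

The 5 steps of $\Pi$ come out as one (J), two (DC) at $c$ and two (DC) at $a$; for $c(b) == c(a)$ the best common term costs one extra (OMUT) on one side, giving 6, which is why no witness of $G'$ is below $\mathcal{M}$ in the ordering.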

Let us now present several results related to $\leadsto_{DVar}$-rules. For that, we define
the following well-founded ordering, useful for proving that any $\leadsto_{DVar}$-derivation
always terminates (see Lemma 7.7).

Definition 7.6 (Order for quasi-solved goals)

Let $G = \exists \bar{u} \cdot S \Box P \Box E$ and $G' = \exists \bar{u}' \cdot S' \Box P' \Box E'$ be quasi-solved goals. We say that
$G' > G$ iff $n < m$, where $n$ and $m$ are the number of approximation and joinability
statements occurring in $P' \Box E'$ and $P \Box E$ respectively. $\Box$

Finally we state the lemma which ensures the termination of $\leadsto_{DVar}$ along with
the preservation of types, quasi-solved goals and solutions. The proof is easy and
follows by inspection of the $\leadsto_{DVar}$-rules. The notation $\sigma_d =_{\mathcal{C}} \sigma'_d[X]$, $X \subseteq DVar$,
means that $x\sigma_d \approx_{\mathcal{C}} x\sigma'_d$ for all $x \in X$, whereas $\sigma_d \leq_{\mathcal{C}} \sigma'_d[X]$ means that there
exists $\sigma''_d \in DSub_\bot$ such that $x\sigma'_d \approx_{\mathcal{C}} x\sigma_d\sigma''_d$ for all $x \in X$.

Lemma 7.7 (Progress lemma for $\leadsto_{DVar}$)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular. Let $G$ be a quasi-solved but
not solved goal (different from $FAIL$) and $\sigma_d \in Sol(G)$. Then there exists a $\leadsto_{DVar}$-transformation
rule $T$ such that $G \leadsto_{DVar} G'$ using $T$ and:

• there exists $\sigma'_d \in Sol(G')$ such that $\sigma'_d \leq_{\mathcal{C}} \sigma_d$;

• $G' > G$;

• if $\mathcal{P}$ and $G$ are well-typed then for any $V \in env(G)$ it holds that $V \in env(G')$. $\Box$

Proof

Firstly we prove that if $G$ is quasi-solved (not in solved form) and different from
$FAIL$ then there exists a $\leadsto_{DVar}$-rule applicable to $G$. We have two possibilities:
If $P$ is not empty, then $P$ contains an approximation statement of the form $x \to y$
and we can apply the rule Produced variable elimination. Otherwise ($P$ is empty),
it holds that for all $x == y \in E$ we have that $x, y \notin pvar(P)$. Then we can apply
either rule Identity or rule Non-produced variable elimination. The proof of the first
item of the lemma proceeds by inspecting all variable elimination rules. For rule
Identity, it is enough to take $\sigma'_d$ equal to $\sigma_d$. Then it is trivial that $\sigma'_d \in Sol(G')$ and
$\sigma'_d \leq_{\mathcal{C}} \sigma_d$. For Produced variable elimination, we define $\sigma'_d$ as: $\sigma'_d(y) = w$, where $w$
is a fresh variable, and $\sigma'_d(z) = \sigma_d(z)$ otherwise. Finally, for Non-produced variable
elimination it is known that $\sigma_d(x) == \sigma_d(y)$ is GORC-provable. Then, there is $t \in
Term_\Sigma(DVar)$ such that the approximation statements $\sigma_d(x) \to t$ and $\sigma_d(y) \to t$ are
GORC-provable. Let us define $\sigma'_d$ as follows: $\sigma'_d(x) = \sigma'_d(y) = t$, and $\sigma'_d(z) = \sigma_d(z)$
otherwise. From Theorem 4.3 (c), it holds that $\sigma_d(x) \approx_{\mathcal{C}} \sigma_d(y) \approx_{\mathcal{C}} t = \sigma'_d(x) =
\sigma'_d(y)$. Then $\sigma_d =_{\mathcal{C}} \sigma'_d$ and trivially $\sigma'_d$ is a solution for $G'$. The rest of the lemma
is straightforward. $\Box$

Using this lemma we get:

Theorem 7.8 (Completeness of $\leadsto_{DVar}$)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular. Let $G$ be a quasi-solved goal
and $\sigma_d \in Sol(G)$. There exists a solved goal $\exists \bar{u} \cdot S \Box\Box$ such that $G \leadsto^*_{DVar} \exists \bar{u} \cdot S \Box\Box$
and $\sigma_{d_S} \leq_{\mathcal{C}} \sigma_d$. $\Box$

Proof

From Lemma 7.7 it is possible to build a $\leadsto_{DVar}$-derivation $G = G_0 \leadsto_{DVar} G_1
\leadsto_{DVar} G_2 \cdots$ such that $G_{i+1} > G_i$ and for which there exist $\sigma_d = \sigma_{d_0}, \sigma_{d_1}, \sigma_{d_2}, \ldots$,
verifying $\sigma_{d_i} \in Sol(G_i)$ and $\sigma_{d_{i+1}} \leq_{\mathcal{C}} \sigma_{d_i}$. Since $>$ is a well-founded ordering, the
derivation at hand is finite, ending in some goal $G_n = \exists \bar{u} \cdot S \Box\Box$. Hence, it holds
that $\sigma_{d_n} \leq_{\mathcal{C}} \sigma_d$. Now, the result follows if we prove that $\sigma_{d_S} \leq \sigma_{d_n}$. Consider
$x \in DVar$. If $x = s \in S$, then $x\sigma_{d_n} = s\sigma_{d_n} = x\sigma_{d_S}\sigma_{d_n}$. If $x$ does not occur in $S$
then $x\sigma_{d_n} = x\sigma_{d_S}\sigma_{d_n}$. Hence the result holds. $\Box$
Note that the theorem above establishes that $\sigma_{d_S} \leq_{\mathcal{C}} \sigma_d$. In general, $\sigma_{d_S} \leq \sigma_d$
cannot be guaranteed, because of the variable elimination rule Non-produced variable
elimination. Let us illustrate this by means of a simple example.

Example 7.9

Consider the quasi-solved goal $G = \Box\Box x == y$ for a program $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ such
that the equational axiom $a \approx b$ belongs to $\mathcal{C}$. Then the data substitution $\sigma_d$ defined
as $\sigma_d(x) = a$, $\sigma_d(y) = b$ and $\sigma_d(z) = z$ otherwise, is clearly a solution for $G$. In
particular, note that we can prove $x\sigma_d == y\sigma_d$ in GORC by using the rule (J),
proving previously $x\sigma_d \to a$ (by using (DC)) and $y\sigma_d \to a$ (by using (OMUT) with
the oriented equational axiom $b \to a$).

Now, the unique applicable rule to $G$ is the rule Non-produced variable
elimination, which transforms $G$ into the solved goal $G' = x = y \Box\Box$. Clearly $\sigma_{d_S} \leq
\sigma_d$ does not hold, but $\sigma_{d_S} \leq_{\mathcal{C}} \sigma_d$ holds, because of the substitution $\sigma'_d$ defined as
$\sigma'_d(y) = a$, $\sigma'_d(z) = z$ otherwise. In fact, for this $\sigma'_d$ we get $x\sigma_d = a = x\sigma_{d_S}\sigma'_d$,
$y\sigma_d = b \approx_{\mathcal{C}} a = y\sigma_{d_S}\sigma'_d$, $z\sigma_d = z = z\sigma_{d_S}\sigma'_d$, for $z \neq x, y$. $\blacksquare$

From Theorems 7.5 and 7.8 we get our final completeness result.

Theorem 7.10 (Completeness of LNCEC)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program with $\mathcal{C}$ strongly regular. Let $G$ be an initial goal and
$\sigma_d \in Sol(G)$. There exist a quasi-solved goal $G'$ and a solved goal $G'' = \exists \bar{u} \cdot S \Box\Box$
such that $G \leadsto^*_{\mathcal{P}} G' \leadsto^*_{DVar} G''$ and $\sigma_{d_S} \leq_{\mathcal{C}} \sigma_d[dvar(G)]$. Furthermore, if $G$ and $\mathcal{P}$
are well-typed then $G\sigma_{d_S}$ is well-typed. $\Box$

Proof

From Theorem 7.5 it holds that there exist a quasi-solved goal $G'$ and $\sigma'_d \in Sol(G')$
such that $G \leadsto^*_{\mathcal{P}} G'$ and $\sigma_d = \sigma'_d[dvar(G)]$. From Theorem 7.8 it holds that there
exists a goal $G'' = \exists \bar{u} \cdot S \Box\Box$ in solved form such that $G' \leadsto^*_{DVar} G''$ and $\sigma_{d_S} \leq_{\mathcal{C}} \sigma'_d$.
Hence, the result follows trivially.

The well-typedness of $G\sigma_{d_S}$ follows from Theorem 7.5 and Lemma 7.7. The proof
can be reasoned as follows: Let $V$ be an environment such that $V \in env(G)$. Then,
Theorem 7.5 ensures that there exists an environment $V'$ extending $V$ such that
$V' \in env(G')$, i.e., $G'$ is well-typed w.r.t. $V'$. Now, applying repeatedly Lemma 7.7
we have that $V' \in env(G'')$, i.e., $G''$ is well-typed w.r.t. $V'$. But note that since $V'$
extends $V$, then $V' \in env(G)$. On the other hand, for all $x = t \in S$, it is known
that there exists a common type $\tau$ for $x$ and $t$ in $V'$. Hence, the effect of applying
$\sigma_{d_S}$ to $G$ is to replace variables by terms which have the same type (in $V'$) as
the variables they replace, i.e., $V' \in env(G\sigma_{d_S})$. $\Box$

8 Conclusions 

We have presented a general framework for functional logic programming with 
algebraic polymorphic datatypes, whose data constructors can be controlled by a 
specified set of equational axioms. Defined functions are lazy and possibly non- 
deterministic. The combination of all these features together is not found in other 
related works we are aware of (?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?; ?). 
Following the CRWL approach (?), we have given rewriting calculi and models
which provide an adequate declarative semantics for our programs. This is shown
by the existence of free models for programs (Theorem 5.12), the adequateness of
the rewriting calculi w.r.t. models (Theorem 5.10), and type preservation results
(Theorems 4.11, 5.8 and 5.12). We have also presented a narrowing calculus for goal
solving (named LNCEC), proving soundness (Theorem 7.2), completeness (Theorem
7.10) and well-typedness of computed answers (Theorem 7.10). LNCEC is not
intended as an operational model, but rather as an abstract description of goal
solving that provides a convenient basis for soundness and completeness results,
while ignoring control issues and implementation details.

In the near future, we plan to implement the instance of our framework given 
by the equational axioms for multisets, which is expected to allow for many opti- 
mizations w.r.t. the general case. A first step in this direction can be found in (?). 
We also aim at enriching our framework with constraints, coming from a constraint 
system given as a suitable extension of the equational axioms for the data con- 
structors. For instance, for sets and multisets we could introduce disequality and 
membership constraints, in analogy to (?; ?). For the particular case of multisets, 
the enriched framework has been successfully developed by the first author in her
PhD thesis (?). The extension of this work towards a general scheme for declarative
programming with constraints over arbitrary algebraic datatypes, is left for future 
research. 

Acknowledgments: The authors are indebted to their colleagues A. Gil-Luezas 
and F.J. Lopez-Fraguas for their support to the development of this work. The 
constructive criticisms of several anonymous referees have helped to improve an 
older version of the paper. 
A Another lazy narrowing calculus based on Equational Constructors

Consider the following goal solving calculus, resulting from adding Mutation rules to
the lazy narrowing calculus from (?):

Transformation rules for $==$:

Decomposition$_{==}$: $\exists \bar{u} \cdot S \Box P \Box c(\bar{e}_n) == c(\bar{e}'_n), E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box P \Box \ldots, e_i == e'_i, \ldots, E$

Mutation$_{==}$: $\exists \bar{u} \cdot S \Box P \Box c(\bar{e}_n) == e', E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box \ldots, e_i \to t_i, \ldots, P \Box C, s == e', E$

where $e' \notin DVar$ and $Eq : c(\bar{t}_n) \to s \Leftarrow C$ is a variant of a rule in $\mathcal{C}_\to$,
with $\bar{x} = dvar(Eq)$ fresh variables.

Identity: $\exists \bar{u} \cdot S \Box P \Box x == x, E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box P \Box E$

if $x \notin pvar(P)$.

Binding: $\exists \bar{u} \cdot S \Box P \Box x == s, E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot x = s, (S \Box P \Box E)\sigma_d$

if $s \in Term_\Sigma(DVar)$, $x \neq s$, $x \notin pvar(P)$ and $dvar(s) \cap pvar(P) = \emptyset$,
where $\sigma_d = \{x/s\}$.

Imitation$_{==}$: $\exists \bar{u} \cdot S \Box P \Box x == c(\bar{e}_n), E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}_n, \bar{u} \cdot x = c(\bar{x}_n), (S \Box P \Box \ldots, x_i == e_i, \ldots, E)\sigma_d$

if $c(\bar{e}_n) \notin Term_\Sigma(DVar)$ or $dvar(c(\bar{e}_n)) \cap pvar(P) \neq \emptyset$, $x \notin pvar(P)$,
where $\sigma_d = \{x/c(\bar{x}_n)\}$ and $\bar{x}_n$ are fresh variables.

Narrowing$_{==}$: $\exists \bar{u} \cdot S \Box P \Box f(\bar{e}_n) == e', E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box \ldots, e_i \to t_i, \ldots, P \Box C, r == e', E$

where $Rul : f(\bar{t}_n) \to r \Leftarrow C$ is a variant of a rule in $\mathcal{R}$,
with $\bar{x} = dvar(Rul)$ fresh variables.

Transformation rules for $\to$:

Decomposition$_\to$: $\exists \bar{u} \cdot S \Box c(\bar{e}_n) \to c(\bar{t}_n), P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box \ldots, e_i \to t_i, \ldots, P \Box E$

Mutation$_\to$: $\exists \bar{u} \cdot S \Box c(\bar{e}_n) \to t, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box \ldots, e_i \to t_i, \ldots, s \to t, P \Box C, E$

where $t \notin DVar$ and $Eq : c(\bar{t}_n) \to s \Leftarrow C$ is a variant of a rule in $\mathcal{C}_\to$,
with $\bar{x} = dvar(Eq)$ fresh variables.

Output binding: $\exists \bar{u} \cdot S \Box x \to t, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot [x = t], (S \Box P \Box E)\sigma_d$

if $t \notin DVar$, where $\sigma_d = \{x/t\}$.

Input binding: $\exists x, \bar{u} \cdot S \Box t \to x, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box (P \Box E)\sigma_d$

if $t \in Term_\Sigma(DVar)$, where $\sigma_d = \{x/t\}$.

Input imitation: $\exists x, \bar{u} \cdot S \Box c(\bar{e}_n) \to x, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}_n, \bar{u} \cdot S \Box (\ldots, e_i \to x_i, \ldots, P \Box E)\sigma_d$

if $c(\bar{e}_n) \notin Term_\Sigma(DVar)$, $x \in dmvar(G)$, where $\sigma_d = \{x/c(\bar{x}_n)\}$,
$\bar{x}_n$ fresh variables.

Elimination$_\to$: $\exists x, \bar{u} \cdot S \Box e \to x, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{u} \cdot S \Box P \Box E$ if $x \notin dvar(P \Box E)$.

Narrowing$_\to$: $\exists \bar{u} \cdot S \Box f(\bar{e}_n) \to t, P \Box E \;\rightsquigarrow_{\mathcal{P}}\; \exists \bar{x}, \bar{u} \cdot S \Box \ldots, e_i \to t_i, \ldots, r \to t, P \Box C, E$

if $t \notin DVar$ or $t \in dmvar(G)$, where $Rul : f(\bar{t}_n) \to r \Leftarrow C$ is a variant of a rule
in $\mathcal{R}$, with $\bar{x} = dvar(Rul)$ fresh variables.

Failure rules are the same as those for LNCEC. Consider the new definition
of solution:

Definition A.1 (Solution)

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program. Let $G = \exists \bar{u} \cdot S \Box P \Box E$ be an admissible goal for $\mathcal{P}$
and $\sigma_d \in DSub_\bot$. We say $\sigma_d$ is a solution of $G$ iff

• $x\sigma_d \in Term_\Sigma(DVar)$ for all $x \in DVar - pvar(P)$;

• $x\sigma_d \approx_{\mathcal{C}} s\sigma_d$ for all $x = s \in S$;

• For all $e == e' \in E$ and $e'' \to t \in P$ there exists a GORC-proof of $e\sigma_d == e'\sigma_d$
and $e''\sigma_d \to t\sigma_d$ respectively. $\Box$

We ensure that the lazy narrowing calculus above is sound in the sense of Theorem
7.2 and conjecture that it possibly verifies the following completeness theorem:

Conjecture A.2

Let $\mathcal{P} = (\Sigma, \mathcal{C}, \mathcal{R})$ be a program where $\mathcal{C}$ is strongly regular, $G$ an initial goal and
$\sigma_d \in Sol(G)$. Then there exists a solved form $\exists \bar{u} \cdot S \Box\Box$ such that $G \rightsquigarrow^*_{\mathcal{P}} \exists \bar{u} \cdot S \Box\Box$
and $\sigma_{d_S} \leq_{\mathcal{C}} \sigma_d[dvar(G)]$. Furthermore, if $\mathcal{P}$ and $G$ are well-typed then $G\sigma_{d_S}$ is
well-typed. $\Box$



B Proofs 

Proof of Theorem 4.3

(a $\Rightarrow$). The result holds because any step within a GORC-proof can be easily
replaced by one or several BRC-steps. This is trivial for the (B), (RR), (DC) and (J)
rules. An (OMUT)-step can be replaced by several BRC-steps, according to the
following scheme:

(TR) 

(MUT) 

(MN) . ei d ->f n (TR) C^x ...,t n )->s 8-*t_ 

c(ei, . . . ,e ra ) -» c(ti, . . . ,t ra ) c(ti, . . . ,t„) -> t 

c(ei, . . . , e„) -> f 

where c(ii, . . . , i„) □ s G [C]-,. Analogously, a (OR)-step can be simulated in BRC 
as follows: 

(P) G 

(MN) ei — ^' ' ' ' ' e " — - tn (TR) /fti; ■ ■ ■ ^ r r — > t 

( TR ) /(ei, . . . ,e„) ->■ f(h, . . .,t„) f(t l7 . . .,t n ) -> t 

/(ei,...,e n ) ->t 

where /(t x , . . . , t n ) -f r <^ G € 

(a $\Leftarrow$). Due to the inference rule (J), it is enough to prove that every BRC-provable
approximation statement $e \to t$ is also GORC-provable. We reason by induction on
the length of the given BRC-derivation. If $t = \bot$, then $e \to t$ can be derived by rule
(B). If $e$ is some variable $x$, then $t$ must also be $x$ (because $x \to t$ with $t \neq x$ cannot
be proved in BRC with $\mathcal{C}$ being strongly regular) and $x \to x$ can be derived by rule
(RR). Otherwise, we can assume $e = h(e_1, \ldots, e_n)$ for some $h \in DC^n \cup FS^n$. Now
we can distinguish three cases:

(i) h = f € F5 n . Then, from the BRC-prooi of e — + t (of length I, say) we obtain 
a sequence of rewrite steps: 

/(ei, . . . , e„) -»•* /(ii, . . . , t„) -> r — »* t 

where each step applies either a rewrite rule of the form e — >J_, or a rewrite 
rule from [7^]_>, or a rewrite rule of the form s' — > s such that s' □ s G [£]□■ 
In particular, the rewrite step f(t±, . . . , t„) — > r will correspond to some rewrite 
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rule f(ti, . . . ,t n ) — > r <= C G By induction hypothesis, we can assume 

that &i — ► ti (1 < i < n), C and r — + i are GOi?G-derivable (because they have 
_Bi?G-proofs of size less than I). Then we can conclude that f{e\, . . . , e„) — ^ t is 
GOi?G-derivable by applying (OR). 

(ii) h = c G DC n , t = c(ii, . . . , i„) and the BRC-prooi of e — > i determines a 
sequence of rewrite steps: 

c(ei, . . . , e„) ^* c(ti, . . . ,t„) 

where each step uses some of the rewrite rules mentioned in (i) , applied at some 
position strictly below the root. Then, we can use the induction hypothesis to 
find GGRG-proofs for — > ti (1 < i < n), and apply rule (DC) to conclude 
that c(ei, . . . , e„) — > c{t\, . . . , i„) is GGRG-derivable. 

(iii) h = c E DC n and the 5i?G-proof of e — * t determines a sequence of rewrite 
steps 

c(ei, . . . , e n ) — ►* c(ti, . . . , i n ) — > s ->* £ 

where each step uses some of the rewrite rules mentioned in (i), and in particular, 
the step c(ii, . ..,£«.) - * s is such that c(ti, . . . ,t n ) □ s G [£]□■ By induction 
hypothesis, we can assume the existence of GO-RG-proofs for — ► tj (1 < i < n) 
and s — ► t. Then, we can apply rule (OMUT) to conclude that c(ei, . . . , e„) — > < 
is GORG-derivable. 

(b). It is straightforward from the structures of the inequational calculus presented 
in Definition 12 . 51 and the BRC calculus. 

(c =>). If s == t is _Bi?G-provable, then there exists if G Terms{DVar) such that 
s — > t' and t if are _Bi? G-provable. From (b), we get that s 3c t' arid £ 3c 
From Proposition 12. 61 (c). it follows that s,t G Term^{DVar) and s f«c ~C £• 
(c •<=). From s f and item (b), we get that s — > s and t — ► s are _Bi?G-provable. 
As s G Termz(DVar), we can apply (J) to get the result. □ 

Proof of Lemma 4.10

(a). Assume that $\{x_1, \ldots, x_m\} =_{Def} \{x \in \bigcup_{i=1}^{n} dvar(t_i) \mid x\sigma_d \neq x\}$. Suppose that $x_i\sigma_d = t'_i$, $1 \leq i \leq m$. Since $t_i\sigma_d \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$ then, applying $n$ times Lemma 4.8, there exist $\tau'_i$, $1 \leq i \leq m$, such that $t'_i \in Term^{\tau'_i}_{\Sigma_\bot}(V)$ and $V[x_1 : \tau'_1, \ldots, x_m : \tau'_m] \vdash_{\Sigma_\bot} t_i : \tau_i\sigma_t$, $1 \leq i \leq n$. From Lemma 4.9 (a), it follows that $V[x_1 : \tau'_1, \ldots, x_m : \tau'_m] \vdash_{\Sigma_\bot} r : \tau\sigma_t$. Now, from Lemma 4.7, $r\sigma_d \in Expr^{\tau\sigma_t}_{\Sigma_\bot}(V)$.

(b). Assume that $y_1, \ldots, y_k$ are all the variables of $c(t_1, \ldots, t_n)$ such that $y_j$, $1 \leq j \leq k$, occurs $n_j > 1$ times in $c(t_1, \ldots, t_n)$. Consider new variables $y_{ij}$, $1 \leq i \leq k$, $2 \leq j \leq n_i$. Let $c(t'_1, \ldots, t'_n)$ be the term resulting from replacing in $c(t_1, \ldots, t_n)$ each $p$-th occurrence of $y_i$ by $y_{ip}$, $1 \leq i \leq k$, $2 \leq p \leq n_i$. For $\sigma'_d \in DSub_\bot$ defined as

$$
z\sigma'_d = \begin{cases} y_i\sigma_d & \text{if } z = y_{ij},\ 1 \leq i \leq k,\ 2 \leq j \leq n_i \\ z\sigma_d & \text{otherwise} \end{cases}
$$

we have that $c(t'_1, \ldots, t'_n)\sigma'_d = c(t_1, \ldots, t_n)\sigma_d$ and $d(s_1, \ldots, s_m)\sigma'_d = d(s_1, \ldots, s_m)\sigma_d$. Assume now that $\{x_1, \ldots, x_l\} =_{Def} \{x \in \bigcup_{i=1}^{n} dvar(t'_i) \mid x\sigma'_d \neq x\}$. Suppose that $x_i\sigma'_d = t''_i$, $1 \leq i \leq l$. Since $t'_i\sigma'_d = t_i\sigma_d \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$ then, applying $n$ times Lemma 4.8, there exist $\tau''_i$, $1 \leq i \leq l$, such that $t''_i \in Term^{\tau''_i}_{\Sigma_\bot}(V)$ and $V[x_1 : \tau''_1, \ldots, x_l : \tau''_l] \vdash_{\Sigma_\bot} t'_i : \tau_i\sigma_t$, $1 \leq i \leq n$. On the other hand, note that all variables $y_{ij}$, $1 \leq i \leq k$, $2 \leq j \leq n_i$, are annotated in $V[x_1 : \tau''_1, \ldots, x_l : \tau''_l]$ with the same type-annotation. Therefore, we also have that $V[x_1 : \tau''_1, \ldots, x_l : \tau''_l] \vdash_{\Sigma_\bot} t_i : \tau_i\sigma_t$. Now, Lemma 4.9 (b) ensures that $V[x_1 : \tau''_1, \ldots, x_l : \tau''_l] \vdash_{\Sigma_\bot} d(s_1, \ldots, s_m) : \tau\sigma_t$. Finally, Lemma 4.7 entails $d(s_1, \ldots, s_m)\sigma'_d \in Term^{\tau\sigma_t}_{\Sigma_\bot}(V)$. Now, the result follows from $d(s_1, \ldots, s_m)\sigma'_d = d(s_1, \ldots, s_m)\sigma_d$. □

Proof of Theorem 5.6

Let us prove that $\mathcal{M}_{\mathcal{P}}(V)$ verifies all items in Definition 5.1. From Proposition 2.6 we have that $Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$ is a poset with partial order $\sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)}$ and bottom element $\bot^{\mathcal{M}_{\mathcal{P}}(V)}$, i.e. item (1) holds.

Item (2): Let us prove that $\mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau)$ is a cone in $Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$, for all $\tau \in T_{TC}(A)$. Consider $[t_1], [t_2] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$ such that $[t_1] \in \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau)$ (i.e. $V \vdash_{\Sigma_\bot} t_1 : \tau$) and $[t_2] \sqsubseteq [t_1]$. Then $t_1 \sqsupseteq_{\mathcal{C}} t_2$, that is, from Theorem 4.3, $t_1 \to_{\mathcal{P}} t_2$. Now, from the proof of Theorem 4.11 and assuming $\mathcal{C}$ strongly regular and well-typed, we get $t_2 \in Term^{\tau}_{\Sigma_\bot}(V)$, that is $[t_2] \in \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau)$.

Item (3) is trivial. In order to prove items (4) and (5), we first have to check that for all $h \in DC^n \cup FS^n$, $h^{\mathcal{M}_{\mathcal{P}}(V)}$ is well-defined, i.e. it does not depend on the selected representatives of the equivalence classes. Consider elements $t_i, s_i \in Term_{\Sigma_\bot}(X)$ such that $t_i \approx_{\mathcal{C}} s_i$, $1 \leq i \leq n$. Then, by Theorem 4.3 and the BRC-rule (MN), it holds that for any $c \in DC^n$: $c(t_1, \ldots, t_n) \approx_{\mathcal{C}} c(s_1, \ldots, s_n)$, i.e. $[c(t_1, \ldots, t_n)] = [c(s_1, \ldots, s_n)]$. Hence, $c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) = c^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$. Similarly, for all $f \in FS^n$, $f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) = \{[t] \mid f(t_1, \ldots, t_n) \to_{\mathcal{P}} t\}$. But, from Theorem 4.3 and the BRC-rules (MN) and (TR), it holds that $f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) = f^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$.

The monotonicity of $h^{\mathcal{M}_{\mathcal{P}}(V)}$ for all $h \in DC^n \cup FS^n$ follows from the following fact: if $[t_i] \sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)} [s_i]$, $1 \leq i \leq n$, then $s_i \sqsupseteq_{\mathcal{C}} t_i$. Theorem 4.3 (b) along with the BRC-rule (MN) entail $h(s_1, \ldots, s_n) \to_{\mathcal{P}} h(t_1, \ldots, t_n)$. If $h \in DC^n$, it is clear that $[h(t_1, \ldots, t_n)] \sqsubseteq [h(s_1, \ldots, s_n)]$, and hence $h^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq h^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$. Otherwise, if $h \in FS^n$ then, for any $[t] \in h^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n])$, by Theorem 4.3 together with the BRC-rule (TR) we have that $h(s_1, \ldots, s_n) \to_{\mathcal{P}} t$, i.e. $[t] \in h^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$. Hence $h^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq h^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$.

Knowing that $c^{\mathcal{M}_{\mathcal{P}}(V)}$ is monotonic for all $c \in DC$, item (4) follows from the fact that $Def(\mathcal{M}_{\mathcal{P}}(V)) = \{[t] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}} \mid t \text{ is a total term}\}$. This is true because of Proposition 2.6 (c). Finally, item (5) follows from the monotonicity of $f^{\mathcal{M}_{\mathcal{P}}(V)}$ for all $f \in FS$, and the fact that $\{[t] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}} \mid f(t_1, \ldots, t_n) \to_{\mathcal{P}} t\}$ is a cone. This is true by transitivity of rewriting (rule (TR) in BRC).

All valuations over the term algebra $\mathcal{M}_{\mathcal{P}}(V)$ can be represented by means of substitutions. Any substitution $\sigma = (\sigma_t, \sigma_d)$ such that $\sigma_t : TVar \to T_{TC}(A)$ and $\sigma_d : DVar \to Term_{\Sigma_\bot}(X)$ represents the valuation $[\sigma] = (\sigma_t, [\sigma_d])$, where $[\sigma_d](x) = [\sigma_d(x)]$. It is easy to check that $[\![\tau]\!]^{\mathcal{M}_{\mathcal{P}}(V)}\sigma_t = \tau\sigma_t$ for all $\tau \in T_{TC}(A)$, and $[\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] = \langle [t\sigma_d] \rangle$ for all $t \in Term_{\Sigma_\bot}(X)$.

Assume now that $\mathcal{P}$ is strongly regular. In order to prove that $\mathcal{M}_{\mathcal{P}}(V)$ is well-typed, suppose that $c : (\tau_1, \ldots, \tau_n) \to \tau \in DC$ and $[\sigma] = (\sigma_t, [\sigma_d]) \in Val(\mathcal{M}_{\mathcal{P}}(V))$. Consider any $[t_i] \in \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau_i\sigma_t)$, $1 \leq i \leq n$; then $t_i \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$, $1 \leq i \leq n$. Thus, $c(t_1, \ldots, t_n) \in Term^{\tau\sigma_t}_{\Sigma_\bot}(V)$, and $[c(t_1, \ldots, t_n)] \in \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau\sigma_t)$. But $\mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau\sigma_t)$ is a cone, so we have that $\langle [c(t_1, \ldots, t_n)] \rangle \subseteq \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau\sigma_t)$, that is, $c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}([\![\tau]\!]^{\mathcal{M}_{\mathcal{P}}(V)}\sigma_t)$.

Assume now that $f : (\tau_1, \ldots, \tau_n) \to \tau \in FS$. Again, it holds that $f(t_1, \ldots, t_n) \in Term^{\tau\sigma_t}_{\Sigma_\bot}(V)$. From Theorem 4.11 it is easy to check that $\{[t] \mid f(t_1, \ldots, t_n) \to_{\mathcal{P}} t\} \subseteq \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}(\tau\sigma_t)$, that is, $f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq \mathcal{E}^{\mathcal{M}_{\mathcal{P}}(V)}([\![\tau]\!]^{\mathcal{M}_{\mathcal{P}}(V)}\sigma_t)$. □

Proof of Characterization Lemma 5.14

(a ⇒). We argue by structural induction on $e$.

• If $e = \bot$ then, due to the strong regularity of $\mathcal{C}$, we have that $t = \bot$. Hence it is enough to apply the BRC-rule (B).

• If $e \in X \cup DC^0$, then $[\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] = \langle [e\sigma_d] \rangle$. Since $[t] \in \langle [e\sigma_d] \rangle$, then $[t] \sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)} [e\sigma_d]$, that is, $e\sigma_d \sqsupseteq_{\mathcal{C}} t$. The result follows from Theorem 4.3 (b).

• If $e = c(e_1, \ldots, e_n)$, $c \in DC^n$, then there exist elements $[s_i] \in [\![e_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, $1 \leq i \leq n$, such that $[t] \in c^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n]) = \langle [c(s_1, \ldots, s_n)] \rangle$, i.e. $c(s_1, \ldots, s_n) \sqsupseteq_{\mathcal{C}} t$. From Theorem 4.3 (b), we have that $c(s_1, \ldots, s_n) \to_{\mathcal{P}} t$. On the other hand, by induction hypothesis: $e_i\sigma_d \to_{\mathcal{P}} s_i$, $1 \leq i \leq n$. Applying the BRC-rule (MN), we have that $c(e_1\sigma_d, \ldots, e_n\sigma_d) \to_{\mathcal{P}} c(s_1, \ldots, s_n)$. Then, from the BRC-rule (TR), we can conclude $e\sigma_d \to_{\mathcal{P}} t$.

• If $e = f(e_1, \ldots, e_n)$, then there exist elements $[s_i] \in [\![e_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, $1 \leq i \leq n$, such that $[t] \in f^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$, that is, $f(s_1, \ldots, s_n) \to_{\mathcal{P}} t$. Then the last BRC-rule applied in this BRC-proof has been either (B) or (R). If (B), then the result follows trivially. Otherwise, $f(s_1, \ldots, s_n) \to t \Leftarrow C \in [\mathcal{R}]_\to$. By induction hypothesis, $e_i\sigma_d \to_{\mathcal{P}} s_i$, $1 \leq i \leq n$; then, by (MN), we get that $f(e_1\sigma_d, \ldots, e_n\sigma_d) \to_{\mathcal{P}} f(s_1, \ldots, s_n)$. Using now the BRC-rule (TR), the result can be concluded.

(a ⇐). We proceed by induction on the number of inference steps of the GORC-proof associated to $e\sigma_d \to_{\mathcal{P}} t$. For that, let us analyze the last rule applied in such a GORC-proof.

• For rules (B) and (RR) the result is trivial.

• For rule (DC), we have that $e\sigma_d = c(e_1, \ldots, e_n)$, $t = c(t_1, \ldots, t_n)$ and $e_i \to_{\mathcal{P}} t_i$, $1 \leq i \leq n$. If $e = x \in X$, then the result is trivial. Otherwise, $e = c(e'_1, \ldots, e'_n)$ and $e'_i\sigma_d = e_i$, $1 \leq i \leq n$. By induction hypothesis, we get $[t_i] \in [\![e'_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, $1 \leq i \leq n$. Hence, $[c(t_1, \ldots, t_n)] \in \langle [c(t_1, \ldots, t_n)] \rangle = c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq [\![c(e'_1, \ldots, e'_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$.

• For rule (OMUT), we have that $e\sigma_d = c(e_1, \ldots, e_n)$, $e_i \to_{\mathcal{P}} s_i$, $1 \leq i \leq n$, $s \to_{\mathcal{P}} t$, for some $c(s_1, \ldots, s_n) \rhd s \in [\mathcal{C}]_\rhd$. If $e = x \in X$ then the result is trivial. Otherwise, $e = c(e'_1, \ldots, e'_n)$ and $e'_i\sigma_d = e_i$, $1 \leq i \leq n$. From the induction hypothesis, $[s_i] \in [\![e'_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, $1 \leq i \leq n$. Hence:

$s \to_{\mathcal{P}} t$ ⇒ (Definition of $\sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)}$ and $c(s_1, \ldots, s_n) \to_{\mathcal{P}} s$)
$[t] \sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)} [c(s_1, \ldots, s_n)]$ ⇒ ($[t] \in \langle [c(s_1, \ldots, s_n)] \rangle$ and def. of $\mathcal{M}_{\mathcal{P}}(V)$)
$[t] \in c^{\mathcal{M}_{\mathcal{P}}(V)}([s_1], \ldots, [s_n])$ ⇒ ($[s_i] \in [\![e'_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$)
$[t] \in [\![c(e'_1, \ldots, e'_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$

• For rule (OR), $e\sigma_d = f(e'_1, \ldots, e'_n)$, $e'_i \to_{\mathcal{P}} t_i$, $1 \leq i \leq n$, $r \to_{\mathcal{P}} t$, and $C$ is GORC-provable, for some $f(t_1, \ldots, t_n) \to r \Leftarrow C \in [\mathcal{R}]_\to$. It holds necessarily that $e = f(e_1, \ldots, e_n)$ and $e_i\sigma_d = e'_i$, $1 \leq i \leq n$. From the induction hypothesis, $[t_i] \in [\![e_i]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, $1 \leq i \leq n$, that is $f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq [\![f(e_1, \ldots, e_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. Hence, from $f(t_1, \ldots, t_n) \to_{\mathcal{P}} r$, $r \to_{\mathcal{P}} t$ and the transitivity of GORC, it holds that $f(t_1, \ldots, t_n) \to_{\mathcal{P}} t$, that is $[t] \in f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]) \subseteq [\![f(e_1, \ldots, e_n)]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$.

(b ⇒). If $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models e \to t$ then $[\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \supseteq [\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. Now, since $[\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] = \langle [t\sigma_d] \rangle$, we get in particular $[t\sigma_d] \in [\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. By (a ⇒), we can conclude that $e\sigma_d \to_{\mathcal{P}} t\sigma_d$.

(b ⇐). If $e\sigma_d \to_{\mathcal{P}} t\sigma_d$, then $[t\sigma_d] \in [\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$ follows by (a ⇐). Now, since $[\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] = \langle [t\sigma_d] \rangle$, we can conclude that $[\![e]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \supseteq [\![t]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, i.e., $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models e \to t$.

(c ⇒). If $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models a == b$, then there exists $[t] \in Def(Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}})$ such that $[t] \in [\![a]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \cap [\![b]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$. From (a ⇒) it holds that $a\sigma_d \to_{\mathcal{P}} t$ and $b\sigma_d \to_{\mathcal{P}} t$. From (J), it holds that $a\sigma_d ==_{\mathcal{P}} b\sigma_d$.

(c ⇐). If $a\sigma_d ==_{\mathcal{P}} b\sigma_d$, then there exists $t \in Term_\Sigma(X)$ such that $a\sigma_d \to_{\mathcal{P}} t$, $b\sigma_d \to_{\mathcal{P}} t$. From (a ⇐) it holds that $[t] \in [\![a]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d] \cap [\![b]\!]^{\mathcal{M}_{\mathcal{P}}(V)}[\sigma_d]$, that is, $(\mathcal{M}_{\mathcal{P}}(V), [\sigma_d]) \models a == b$. □



Proof of Theorem 5.1[?]

Consider $h = (h_t, h_d)$ defined as $h_t(\tau) = [\![\tau]\!]^{\mathcal{A}}\eta_t$, for all $\tau \in T_{TC}(A)$, and $h_d([t]) = [\![t]\!]^{\mathcal{A}}\eta_d$, for all $t \in Term_{\Sigma_\bot}(X)$. By Theorem 5.10 we know that $t \approx_{\mathcal{C}} t'$ implies $[\![t]\!]^{\mathcal{A}}\eta_d = [\![t']\!]^{\mathcal{A}}\eta_d$. Therefore, $h_d$ is well defined. Obviously, $h$ extends $\eta$ by definition. Let us prove that $h$ is a homomorphism.

We first prove that $h_d$ is monotonic. Assume that $[t] \sqsubseteq^{\mathcal{M}_{\mathcal{P}}(V)} [s]$. Then $s \sqsupseteq_{\mathcal{C}} t$, or equivalently (Theorem 4.3), $s \to_{\mathcal{P}} t$. From Theorem 5.10, $[\![t]\!]^{\mathcal{A}}\eta_d \subseteq [\![s]\!]^{\mathcal{A}}\eta_d$, i.e. $h_d([t]) \subseteq h_d([s])$.

Items (1), (2) and (3) of Definition 5.11 follow from the definition of $h_d$ and Proposition 5.2 (b). To prove item (4), consider $c \in DC^n$ and $[t_i] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$, $1 \leq i \leq n$. Then:

$h_d(c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]))$ = (Definition of $c^{\mathcal{M}_{\mathcal{P}}(V)}$)
$h_d(\langle [c(t_1, \ldots, t_n)] \rangle)$ = (Monotonicity of $h_d$)
$h_d([c(t_1, \ldots, t_n)])$ = (Definition of $h_d$)
$[\![c(t_1, \ldots, t_n)]\!]^{\mathcal{A}}\eta_d$ = (Definition of denotation)
$c^{\mathcal{A}}([\![t_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![t_n]\!]^{\mathcal{A}}\eta_d)$ = (Definition of $h_d$)
$c^{\mathcal{A}}(h_d([t_1]), \ldots, h_d([t_n]))$

Finally, let us consider item (5). Given $f \in FS^n$ and $[t_i] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$, $1 \leq i \leq n$, we have to prove that

$$h_d(f^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n])) \subseteq f^{\mathcal{A}}(h_d([t_1]), \ldots, h_d([t_n]))$$

By the definitions of $f^{\mathcal{M}_{\mathcal{P}}(V)}$ and $h_d$, this is equivalent to the following inclusion:

$$\bigcup \{ [\![t]\!]^{\mathcal{A}}\eta_d \mid [t] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}},\ f(t_1, \ldots, t_n) \to_{\mathcal{P}} t \} \subseteq f^{\mathcal{A}}([\![t_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![t_n]\!]^{\mathcal{A}}\eta_d)$$

Now, for each $t$ such that $f(t_1, \ldots, t_n) \to_{\mathcal{P}} t$, Theorem 5.10 ensures that $(\mathcal{A}, \eta_d) \models f(t_1, \ldots, t_n) \to t$, which means $[\![t]\!]^{\mathcal{A}}\eta_d \subseteq f^{\mathcal{A}}([\![t_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![t_n]\!]^{\mathcal{A}}\eta_d)$. Therefore, the inclusion holds.

In order to prove that $h$ is unique, it is enough to assume that there exists another homomorphism $h' = (h'_t, h'_d)$ extending $\eta$ and to conclude that $h = h'$. First, let us prove that for any $\tau \in T_{TC}(A)$, it holds that $h_t(\tau) = h'_t(\tau)$. We proceed by structural induction on $\tau$:

• $\tau = \alpha \in A$. Since $h'$ and $h$ extend $\eta$, we have that $h_t(\alpha) = h'_t(\alpha) = \eta_t(\alpha)$.

• $\tau = K \in TC^0$. Then the result follows from the definition of homomorphism.

• $\tau = K(\tau_1, \ldots, \tau_n)$, where $K \in TC^n$, $\tau_i \in T_{TC}(A)$, $1 \leq i \leq n$. Then:

$h_t(K(\tau_1, \ldots, \tau_n))$ = (Definition of $h_t$)
$[\![K(\tau_1, \ldots, \tau_n)]\!]^{\mathcal{A}}\eta_t$ = (Definition of denotation)
$K^{\mathcal{A}}([\![\tau_1]\!]^{\mathcal{A}}\eta_t, \ldots, [\![\tau_n]\!]^{\mathcal{A}}\eta_t)$ = (Definition of $h_t$)
$K^{\mathcal{A}}(h_t(\tau_1), \ldots, h_t(\tau_n))$ = (Induction hypothesis)
$K^{\mathcal{A}}(h'_t(\tau_1), \ldots, h'_t(\tau_n))$ = ($h'$ is a homomorphism)
$h'_t(K^{\mathcal{M}_{\mathcal{P}}(V)}(\tau_1, \ldots, \tau_n))$ = (Definition of $\mathcal{M}_{\mathcal{P}}(V)$)
$h'_t(K(\tau_1, \ldots, \tau_n))$

Let us prove now that for any $t \in Term_{\Sigma_\bot}(X)$, it holds that $h_d([t]) = h'_d([t])$. We proceed by structural induction on $t$:

• $t = \bot$. Then, since $h_d$ and $h'_d$ are strict, $h'_d([\bot]) = h_d([\bot]) = \langle \bot^{\mathcal{A}} \rangle$.

• $t = x \in X$. Then, since $h'_d$ and $h_d$ extend $\eta$, it holds that $h'_d([x]) = h_d([x])$.

• $t \in DC^0$. Then the result follows from the definition of homomorphism.

• $t = c(t_1, \ldots, t_n)$, where $c \in DC^n$, $t_i \in Term_{\Sigma_\bot}(X)$, $1 \leq i \leq n$. Then:

$h'_d([c(t_1, \ldots, t_n)])$ = (Monotonicity of $h'_d$)
$h'_d(\langle [c(t_1, \ldots, t_n)] \rangle)$ = (Definition of $\mathcal{M}_{\mathcal{P}}(V)$)
$h'_d(c^{\mathcal{M}_{\mathcal{P}}(V)}([t_1], \ldots, [t_n]))$ = (Definition of homomorphism)
$c^{\mathcal{A}}(h'_d([t_1]), \ldots, h'_d([t_n]))$ = (Induction hypothesis)
$c^{\mathcal{A}}(h_d([t_1]), \ldots, h_d([t_n]))$ = (Definition of $h_d$)
$c^{\mathcal{A}}([\![t_1]\!]^{\mathcal{A}}\eta_d, \ldots, [\![t_n]\!]^{\mathcal{A}}\eta_d)$ = (Definition of denotation)
$[\![c(t_1, \ldots, t_n)]\!]^{\mathcal{A}}\eta_d$ = (Definition of $h_d$)
$h_d([c(t_1, \ldots, t_n)])$

Now, since $h_t = h'_t$ and $h_d = h'_d$, it holds that $h = h'$. It remains to prove the second part of the theorem. For that, assume that $\mathcal{A}$ is well-typed. Consider $[t] \in Term_{\Sigma_\bot}(X)/\!\approx_{\mathcal{C}}$ and $\tau \in T_{TC}(A)$ such that $t \in Term^{\tau}_{\Sigma_\bot}(V)$. From Proposition [?] it holds that $[\![t]\!]^{\mathcal{A}}\eta_d \subseteq \mathcal{E}^{\mathcal{A}}([\![\tau]\!]^{\mathcal{A}}\eta_t)$, that is, $h_d([t]) \subseteq \mathcal{E}^{\mathcal{A}}(h_t(\tau))$. □

Proof of Proposition 6.3

Since $c(\bar{t}_n) \approx d(\bar{s}_m)$ is well-typed, there exist an environment $V$ and type variants $c : (\tau_1, \ldots, \tau_n) \to \tau$ and $d : (\tau'_1, \ldots, \tau'_m) \to \tau$ of the type declarations for $c$ and $d$ respectively, such that $c(\bar{t}_n), d(\bar{s}_m) \in Term^{\tau}_{\Sigma}(V)$.

Assume that $x_1, \ldots, x_k$ are all the variables occurring $p_i > 1$ times in $c(\bar{t}_n)$, $1 \leq i \leq k$. Suppose that the "linearization" process has replaced each $j$-th occurrence of $x_i$ by a fresh variable $y_{ij}$, $2 \leq j \leq p_i$, $1 \leq i \leq k$. Consider the new environment $V' = V \cup \{ y_{ij} : \tau^* \mid x_i : \tau^* \in V \}$. It holds trivially that $c(t'_1, \ldots, t'_n), d(s_1, \ldots, s_m) \in Term^{\tau}_{\Sigma}(V')$ and that the linearization condition $C$ is well-typed. □

Proof of Correctness Lemma 7.1

(Invariance$_1$) By analyzing all $\rightsquigarrow_{\mathcal{P}}$-rules and proving for each one of them that $G'$ (resulting from applying the corresponding $\rightsquigarrow_{\mathcal{P}}$-rule to $G$) verifies the conditions (LIN), (EX), (NCYC) and (SOL) in Definition [?]. We will only give succinct explanations justifying the preservation of admissibility for the transformation rules for $==$. Similar reasonings can be used to prove that the transformation rules for $\to$ also preserve admissibility.

Decomposition$_{==}$: $pvar(P)$, $\bar{u}$ and $S$ do not change and $\gg$ becomes finer. Then $G'$ is admissible.

Mutation$_{==}$: Condition (LIN) holds since $\bar{t}_n$ is linear and with fresh variables. Since all variables ($\bar{x}$) introduced by $Eq$ are existentially quantified, condition (EX) holds. Variables in each $t_i$, $1 \leq i \leq n$, are fresh (hence not appearing in any left-hand side of approximation conditions), so no cycle of produced variables can be created, i.e. condition (NCYC) holds. Finally, condition (SOL) is trivially satisfied by $G'$, since $S$ does not change and all variables in $\bar{t}_n$ are fresh.

Imitation+Decomposition$_{==}$: If $x \notin pvar(P)$ then the application of $[x/c(\bar{x}_n)]$ does not modify the right-hand sides of the approximation statements in $P$, i.e. $pvar(P)$ does not change. Hence conditions (LIN) and (EX) are verified by $G'$. On the other hand, since $x \notin pvar(P)$ and $\bar{x}_n$ are fresh variables, condition (SOL) holds. Since no produced variables are introduced in the left-hand sides of conditions in $P$, condition (NCYC) is true for $G'$.

If $x \in pvar(P)$, condition (LIN) holds since $\bar{x}_n$ are fresh variables and $x$ occurs only once as a produced variable. Similarly, since $\bar{x}_n$ is existentially quantified in $G'$, condition (EX) holds. Since the substitution $[x/c(\bar{x}_n)]$ does not affect $S$, condition (SOL) is verified by $G'$. Since $G$ verifies (NCYC), any cycle in $G'$ must have the form $\ldots \gg x_i \gg \ldots$ for some $1 \leq i \leq n$. But such a cycle can be reproduced in $G$ by replacing each $x_i$ by the variable $x$. Hence $G'$ must verify condition (NCYC).

Imitation+Mutation$_{==}$: $\bar{x}_m$ and all variables introduced by $Eq$ are new and existentially quantified. Hence conditions (LIN) and (EX) hold. If $x \notin pvar(P)$ then (SOL) holds. Furthermore, the right-hand sides of approximation statements are not affected by the substitution $[x/d(\bar{x}_m)]$ and all variables introduced in $G'$ are fresh. Hence, $G'$ does not contain cycles (i.e. condition (NCYC) holds).

If $x \in pvar(P)$, $S$ does not change. Furthermore, since all variables introduced in $G'$ are fresh, condition (SOL) is true in $G'$. On the other hand, note that variables introduced by $Eq$ do not occur in the left-hand sides of approximation statements, i.e. such variables cannot generate cycles. Since $G$ has no cycles of variables, a cycle in $G'$ must have the form $\ldots \gg x_i \gg \ldots$, for some $1 \leq i \leq m$. But such a cycle can be reproduced in $G$ by replacing each $x_i$ by the variable $x$. Hence $G'$ must verify condition (NCYC).

Narrowing$_{==}$: Similar to the case Mutation$_{==}$.

(Invariance$_2$) We proceed as in (Invariance$_1$), analyzing all variable elimination rules.

Produced variable elimination: It holds that $pvar(G') = pvar(G) - \{y\}$. Hence condition (LIN) holds. Furthermore, $S$ does not change. Hence condition (SOL) is verified by $G'$. Since $evar(G') = evar(G) - \{y\}$ but $y$ does not occur in $G'$, condition (EX) holds. Finally note that the variable $x$ introduced by the substitution $[y/x]$ cannot produce a cycle because otherwise the variable $y$ would produce a cycle in $G$. Hence (NCYC) holds.

Identity: Trivial.

Non-produced variable elimination: Since $x \notin pvar(P)$, the propagation $[x/y]$ does not affect the right-hand sides of $P$, i.e. the set of produced variables does not change when applying the transformation rule. Hence (LIN) holds. $\bar{u}$ does not change and $x, y \notin pvar(P)$, so (EX) and (SOL) hold. Finally, since $y$ is not a produced variable, no cycles are produced and (NCYC) is verified by $G'$.

It remains to prove that all approximation statements and joinability conditions in $G'$ only contain variables, but this is trivial from the definition of the variable elimination rules.

(Correctness$_1$) We proceed by considering the failure rules, one by one. For rules Conflict$_\diamond$, where $\diamond \in \{==, \to\}$, the correctness holds straightforwardly since for any $\sigma_d \in DSub_\bot$, the statements $c(\bar{e}_n)\sigma_d == d(\bar{e}'_m)\sigma_d$ or $c(\bar{e}_n)\sigma_d \to d(\bar{e}'_m)\sigma_d$ are not GORC-provable.

For rule Cycle let us assume that $\sigma_d \in Sol(G)$. Then, there exist GORC-proofs for $x_{n-1}\sigma_d == e_n[x_0]\sigma_d$, $x_{n-2}\sigma_d == e_{n-1}[x_{n-1}]\sigma_d$, $\ldots$, $x_1\sigma_d == e_2[x_2]\sigma_d$ and $x_0\sigma_d == e_1[x_1]\sigma_d$. This sequence of GORC-proofs implies that $x_0\sigma_d == e_1[e_2[\ldots[e_{n-1}[e_n[x_0]]]]]\sigma_d$ is GORC-provable. Then there exists $t \in Term_\Sigma(DVar)$ such that $x_0\sigma_d \to t$ and $e_1[e_2[\ldots[e_{n-1}[e_n[x_0]]]]]\sigma_d \to t$ are both GORC-provable. Since $x_0$ is a safe variable in $e_1[e_2[\ldots[e_{n-1}[e_n[x_0]]]]]$, then $x_0\sigma_d$ must be a strict subterm of $t$ in some position whose ancestor positions are all occupied by free constructors. This contradicts the fact that $x_0\sigma_d \to t$ is GORC-provable.

(Correctness$_2$) The proof proceeds again by inspecting all transformation rules for LNCEC except for the failure rules and checking one by one that $\sigma_d$ is a solution for $G$. The whole proof is too large and does not reveal interesting ideas. Therefore, we will only analyze those rules for $==$ referring to the application of equational axioms in $\mathcal{C}$. In the rest of the proof, the notation $e \to_{\mathcal{P}} t$ (respectively $e ==_{\mathcal{P}} e'$) indicates that $e \to t$ (respectively $e == e'$) is GORC-provable.

Mutation$_{==}$: Consider $\sigma_d$ defined as $\sigma_d(x) = x$ for all $x \in dvar(Eq)$ and $\sigma_d(x) = \sigma'_d(x)$ otherwise. All items of Definition 6.5 hold trivially, except for item (GORC). In order to prove (GORC), it is enough to find a GORC-proof for $c(\bar{e}_n)\sigma_d == e'\sigma_d$ (the rest of the approximation/joinability statements in $G$ do not change). But, since $\sigma'_d$ is a solution for $G'$, we know:

(*) $e_i\sigma_d \to_{\mathcal{P}} t_i\sigma'_d$, $s\sigma'_d ==_{\mathcal{P}} e'\sigma_d$ and $C\sigma'_d$ are GORC-provable.

Then:

(1) $s\sigma'_d \to_{\mathcal{P}} m$, $e'\sigma_d \to_{\mathcal{P}} m$, for some $m \in Term_\Sigma(DVar)$;

(2) $c(\bar{t}_n)\sigma'_d \to_{\mathcal{P}} s\sigma'_d$, since $Eq\sigma'_d \in [\mathcal{C}]_\to$ and $C\sigma'_d$ is GORC-derivable;

(3) From (1), (2) and the transitivity of GORC (Theorem 4.3 (a) ensures that GORC and BRC are equivalent) we get $c(\bar{t}_n)\sigma'_d \to_{\mathcal{P}} m$;

(4) From (*) and the GORC-rule (DC) we have $c(\bar{e}_n)\sigma_d \to_{\mathcal{P}} c(\bar{t}_n)\sigma'_d$;

(5) From (3), (4) and the transitivity of GORC we get $c(\bar{e}_n)\sigma_d \to_{\mathcal{P}} m$;

(6) From (1), (5) and the GORC-rule (J) we can build a GORC-proof for $c(\bar{e}_n)\sigma_d == e'\sigma_d$.

Imitation+Mutation$_{==}$:

If $x \notin pvar(P)$, then consider $\sigma_d$ defined as $\sigma_d(z) = z$ for all $z \in dvar(Eq)$ and $\sigma_d(z) = \sigma'_d(z)$ otherwise. Conditions (TOT) and (EQ) from Definition 6.5 hold from the very definition of $\sigma_d$. For proving (GORC) it is enough to find a GORC-proof for $x\sigma_d == c(\bar{e}_n)\sigma_d$. The rest of the approximation/joinability statements are GORC-provable since $\sigma_d(x) = \sigma'_d(x) = d(\bar{x}_m)\sigma'_d$. So, let us find a proof for $x\sigma_d == c(\bar{e}_n)\sigma_d$.

(1) $\sigma_d(x_i) \to t_i\sigma'_d$ are GORC-provable, so using the GORC-rule (DC) we can derive $d(\bar{x}_m)\sigma_d \to d(\bar{t}_m)\sigma'_d$.

(2) $C\sigma'_d$ is GORC-derivable. Then using (OMUT) we also have that $d(\bar{t}_m)\sigma'_d \to s\sigma'_d$.

(3) $s\sigma'_d == c(\bar{e}_n)\sigma_d$ is GORC-derivable, so there exists $m \in Term_\Sigma(DVar)$ such that $s\sigma'_d \to m$ and $c(\bar{e}_n)\sigma_d \to m$ are both GORC-provable.

(4) From (1), (2), (3) and the transitivity of GORC, it holds that $d(\bar{x}_m)\sigma_d \to m$ is GORC-provable. But $d(\bar{x}_m)\sigma_d = \sigma_d(x)$, so $\sigma_d(x) \to m$ is GORC-provable.

(5) From (3), (4) and (J) we finally get that $\sigma_d(x) == c(\bar{e}_n)\sigma_d$ is GORC-provable, and thus (GORC) holds.

If $x \in pvar(P)$, then it is enough to define $\sigma_d$ as $\sigma_d(z) = z$ for all $z \in dvar(Eq) \cup \bar{x}_m$, $\sigma_d(x) = d(\bar{x}_m)\sigma'_d$ and $\sigma_d(z) = \sigma'_d(z)$ otherwise, and to reason as above. □

Proof of Progress Lemma 7.[?]

We analyze all the possible forms of a goal $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, E$ with the properties stated in the lemma. In order to avoid tedious repetitions, we will treat in detail only those cases which justify the presence of the $\rightsquigarrow_{\mathcal{P}}$-rules Imitation$_\to$, Imitation+Decomposition$_\to$ and Imitation+Mutation$_\to$. For the rest of the cases, we will only mention the $\rightsquigarrow_{\mathcal{P}}$-transformation rule $T$ decreasing $\mathcal{M}$.

We assume that in each of the cases below, $G'$ is the goal resulting from applying $T$ to $G$ and $\sigma'_d = \sigma_d$ unless otherwise stated. As notation, $\Pi : \varphi$ indicates that $\Pi$ is a GORC-proof for $\varphi$, whereas $(\Pi_1, \ldots, \Pi_n) + R$ stands for the GORC-proof composed of $\Pi_1$ followed by $\Pi_2$ $\ldots$ followed by $\Pi_n$ followed by one application of the GORC-rule $R$.

We begin by analyzing the possible forms of joinability conditions in $E$.

• $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, c(\bar{e}_n) == c(\bar{e}'_n), E$, where $c$ is a free data constructor. Then it is enough to choose $T = $ Decomposition$_{==}$;

• $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, c(\bar{e}_n) == d(\bar{e}'_m), E$, where $c, d$ are algebraic data constructors. Then $T$ must be either Decomposition$_{==}$ or Mutation$_{==}$, according to the witness $\mathcal{M}$;

• $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, x == c(\bar{e}_n), E$, where $c$ is a free data constructor. Then the transformation rule decreasing the witness is Imitation+Decomposition$_{==}$;

• $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, x == c(\bar{e}_n), E$, where $c$ is an algebraic data constructor. Then $T$ must be either the rule Imitation+Decomposition$_{==}$ or the rule Imitation+Mutation$_{==}$ or the rule Mutation$_{==}$, according to the witness $\mathcal{M}$;

• $G = \exists \bar{u} \cdot S \,\Box\, P \,\Box\, f(\bar{e}_n) == e', E$; then $T = $ Narrowing$_{==}$.

If all joinability conditions in $G$ are different from the previously analyzed cases, then:

(1) All $e == e' \in E$ are of the form $x == y$, where $x, y \in DVar$.

We continue now analyzing all the possible forms of approximation statements in $P$.

• $G = \exists \bar{u} \cdot S \,\Box\, c(\bar{e}_n) \to c(\bar{t}_n), P \,\Box\, E$, where $c$ is a free data constructor. Then $T = $ Decomposition$_\to$;

• $G = \exists \bar{u} \cdot S \,\Box\, c(\bar{e}_n) \to d(\bar{t}_m), P \,\Box\, E$, where $c, d$ are algebraic data constructors. In this case, $\mathcal{M}$ contains a GORC-proof $\Pi_0$ for $c(\bar{e}_n)\sigma_d \to d(\bar{t}_m)\sigma_d$. Let us analyze all possible forms of $\Pi_0$:

  – Assume that $\Pi_0 = (\ldots, \Pi_i : e_i\sigma_d \to t_i\sigma_d, \ldots) + $ (DC), where $c = d$ and $n = m$. Let us take $T = $ Decomposition$_\to$. If we take $\mathcal{M}' = (\mathcal{M} - \{\Pi_0\}) \cup \{\Pi_1, \ldots, \Pi_n\}$, it holds that $\mathcal{M}' < \mathcal{M}$. Trivially, for all $V \in env(G)$ we have that $V \in env(G')$.

  – Assume that $\Pi_0 = (\ldots, \Pi_i : e_i\sigma_d \to s_i, \ldots, \Pi_C : C, \Pi' : s \to d(t_1, \ldots, t_m)\sigma_d) + $ (OMUT), where $Eq : c(s_1, \ldots, s_n) \to s \Leftarrow C \in [\mathcal{C}]_\to$. There exists a variant $Eq' : c(s'_1, \ldots, s'_n) \to s' \Leftarrow C'$ of a rule in $\mathcal{C}$ such that $dvar(Eq') \cap dvar(G) = \emptyset$ and $Eq = Eq'\sigma_{d_0}$, for some $\sigma_{d_0} \in DSub_\bot$. Let us take $T = $ Mutation$_\to$ with $Eq'$ and $\sigma'_d$ defined as $\sigma'_d(x) = \sigma_{d_0}(x)$ if $x \in dvar(Eq')$, $\sigma'_d(x) = \sigma_d(x)$ otherwise. Note that $e_i\sigma'_d \to s'_i\sigma'_d = e_i\sigma_d \to s_i$. Analogously $C'\sigma'_d = C$ and $s'\sigma'_d \to d(t_1, \ldots, t_m)\sigma'_d = s \to d(t_1, \ldots, t_m)\sigma_d$. Hence $\mathcal{M}' = (\mathcal{M} - \{\Pi_0\}) \cup \{\Pi_1, \ldots, \Pi_n, \Pi', \Pi_C\}$ verifies that $\mathcal{M}' < \mathcal{M}$.

  Let us prove now the second part of the lemma. From Proposition 6.3 there exists an environment $V^*$ such that $c(\bar{s}'_n), s' \in Term^{\tau}_{\Sigma}(V^*)$ and $C'$ is well-typed in $V^*$, where $c : (\tau_1, \ldots, \tau_n) \to \tau$ is a variant of the type declaration associated to $c$. Let $V$ be an environment such that $V \in env(G)$. Then, it holds that $c(\bar{e}_n), d(\bar{t}_m) \in Term^{\tau^*}_{\Sigma_\bot}(V)$, for some $\tau^* \in T_{TC}(TVar)$. Furthermore, there must be some $\sigma_t \in TSub$ such that $e_i \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$, $1 \leq i \leq n$, and $\tau^* = \tau\sigma_t$. On the other hand, since all variables in $Eq'$ are new, we can choose $V^*$ in such a way that $dvar(V) \cap dvar(V^*) = \emptyset$. Considering the new environment $V' = V \cup V^*\sigma_t$ and Lemma 4.5, it holds that $C'$ is well-typed in such an environment, $e_i, s'_i \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V')$, $1 \leq i \leq n$, and $s', d(\bar{t}_m) \in Term^{\tau\sigma_t}_{\Sigma_\bot}(V')$. Hence $V' \in env(G')$.

• $G = \exists \bar{u} \cdot S \,\Box\, x \to c(\bar{t}_n), P \,\Box\, E$. In this case, $\mathcal{M}$ contains a GORC-proof $\Pi_0$ for $x\sigma_d \to c(\bar{t}_n)\sigma_d$. The possible forms of $\Pi_0$ are:

  – $\Pi_0 = (\ldots, \Pi_i : s_i \to t_i\sigma_d, \ldots) + $ (DC), where $\sigma_d(x) = c(\bar{s}_n)$. Let us choose the transformation rule $T = $ Imitation+Decomposition$_\to$. Consider $\sigma'_d$ defined as $\sigma'_d(x_i) = s_i$ and $\sigma'_d(x) = \sigma_d(x)$ otherwise. It holds that $\sigma'_d(x) = \sigma_d(x) = c(s_1, \ldots, s_n) = c(x_1, \ldots, x_n)\sigma'_d$. On the other hand, $\sigma'_d(x_i) \to t_i\sigma'_d = s_i \to t_i\sigma_d$. Furthermore, for all $e \in Expr_\Sigma(DVar)$ ($x_i \notin dvar(e)$) we have that $e[x/c(x_1, \ldots, x_n)]\sigma'_d = e\sigma_d$. Now, the witness verifying the lemma is $\mathcal{M}' = (\mathcal{M} - \{\Pi_0\}) \cup \{\Pi_1, \ldots, \Pi_n\}$.

  The second part of the lemma proceeds as follows: Assume that $c : (\tau_1, \ldots, \tau_n) \to \tau \in DC$. Consider an environment $V \in env(G)$. Then, it holds that $x$ and $c(\bar{t}_n)$ have a common type in $V$, i.e. there exists $\sigma_t \in TSub$ such that $x : \tau\sigma_t \in V$ and $c(\bar{t}_n) \in Term^{\tau\sigma_t}_{\Sigma_\bot}(V)$ (i.e. $t_i \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$, $1 \leq i \leq n$). Let us take $V' = V[x_1 : \tau_1\sigma_t, \ldots, x_n : \tau_n\sigma_t]$. Noting that $x$ and $c(\bar{x}_n)$ have type $\tau\sigma_t$ in $V'$, it is straightforward to check that $V' \in env(G')$.

  – $\Pi_0 = (\ldots, \Pi_i : s_i \to l_i, \ldots, \Pi_C : C, \Pi' : s \to c(t_1, \ldots, t_n)\sigma_d) + $ (OMUT), where $\sigma_d(x) = d(s_1, \ldots, s_m)$ and $Eq : d(l_1, \ldots, l_m) \to s \Leftarrow C \in [\mathcal{C}]_\to$. We can find a variant $Eq' : d(l'_1, \ldots, l'_m) \to s' \Leftarrow C'$ of a rule in $\mathcal{C}$ such that $dvar(Eq') \cap (dvar(G) \cup \{x_1, \ldots, x_m\}) = \emptyset$ and $Eq = Eq'\sigma_{d_0}$, for some $\sigma_{d_0} \in DSub_\bot$. Let us consider $T = $ Imitation+Mutation$_\to$ with $Eq'$. Consider $\sigma'_d$ defined as $\sigma'_d(x_i) = s_i$, $1 \leq i \leq m$, $\sigma'_d(x) = \sigma_{d_0}(x)$ if $x \in dvar(Eq')$, $\sigma'_d(x) = \sigma_d(x)$ otherwise. It holds that $\sigma'_d(x) = \sigma_d(x) = d(s_1, \ldots, s_m) = d(x_1, \ldots, x_m)\sigma'_d$, $\sigma'_d(x_i) \to l'_i\sigma'_d = s_i \to l_i$, $C'\sigma'_d = C$ and $s'\sigma'_d \to c(t_1, \ldots, t_n)\sigma'_d = s \to c(t_1, \ldots, t_n)\sigma_d$. Furthermore, for all $e \in Expr_\Sigma(DVar)$ ($x_i \notin dvar(e)$, $dvar(e) \cap dvar(Eq') = \emptyset$) it holds that $e[x/d(x_1, \ldots, x_m)]\sigma'_d = e\sigma_d$. The witness $\mathcal{M}'= (\mathcal{M} - \{\Pi_0\}) \cup \{\Pi_1, \ldots, \Pi_m, \Pi', \Pi_C\}$ verifies that $\mathcal{M}' < \mathcal{M}$.

  From Proposition 6.3 there exist an environment $V^*$ and a type variant $d : (\tau'_1, \ldots, \tau'_m) \to \tau$ of the principal type of $d$ such that $l'_i \in Term^{\tau'_i}_{\Sigma}(V^*)$, $1 \leq i \leq m$, $s' \in Term^{\tau}_{\Sigma}(V^*)$ and $C'$ is well-typed w.r.t. $V^*$. Since $c$ and $d$ are constructors of the same datatype, there exists a type variant of the principal type of $c$ of the form $c : (\tau_1, \ldots, \tau_n) \to \tau$. Consider $V \in env(G)$. Then it holds that $x : \tau^* \in V$ and $c(\bar{t}_n) \in Expr^{\tau^*}_{\Sigma_\bot}(V)$, for some $\tau^* \in T_{TC}(TVar)$. We can find $\sigma_t \in TSub$ such that $\tau^* = \tau\sigma_t$. From transparency, we have that $t_i \in Term^{\tau_i\sigma_t}_{\Sigma_\bot}(V)$. Furthermore, we can choose $\bar{x}_m$ and $V^*$ such that $dvar(V) \cap \bar{x}_m = \emptyset$, $dvar(V) \cap dvar(V^*) = \emptyset$ and $dvar(V^*) \cap \bar{x}_m = \emptyset$. Let us consider the environment $V' = V \cup \{x_i : \tau'_i\sigma_t \mid 1 \leq i \leq m\} \cup V^*\sigma_t$. It holds that $V' \in env(G')$.

• $G = \exists \bar{u} \cdot S \,\Box\, f(\bar{e}_n) \to c(\bar{t}_m), P \,\Box\, E$. Then $T = $ Narrowing$_\to$.

If all approximation statements in $P$ are different from the previously analyzed cases then:

(2) All $e \to t \in P$ are of the form $e \to x$.

Moreover, if $P$ is empty then $G$ is quasi-solved due to (1). Otherwise, since $G$ is not quasi-solved, there exists $e \to x \in P$ such that $e \notin DVar$. We choose any $e \to x \in P$ such that $e \notin DVar$ and perform the following process:

• If $x$ does not occur elsewhere in $G$, we stop;

• If there is some $u == v \in E$ such that $x = u$ or $x = v$, then we stop;

• Otherwise, there is some $e' \to x' \in P$ with $x \in dvar(e')$. Then, we repeat the process with $e' \to x'$.

Since $\gg$ is irreflexive, the process above ends after $m + 1$ steps, generating the following sequence of approximation statements: $e_0 \to x_0, e_1 \to x_1, \ldots, e_m \to x_m$, where $e_0 = e$, $x_0 = x$ and $x_i \in dvar(e_{i+1})$, $0 \leq i \leq m - 1$. Let us choose the biggest $i$, $0 \leq i \leq m$, such that $e_i \notin DVar$ and $e_j$, $i < j \leq m$, is a variable (it exists because $e_0 \notin DVar$). Then, if the process above finished because $x_m$ does not occur elsewhere in $G$, we can apply the transformation rule Elimination$_\to$ to $e_m \to x_m$. Otherwise, the process has finished because $x_m == z$ or $z == x_m$ occurs in $E$. But in such a case $x_m$ is a demanded variable and either Imitation$_\to$ or Narrowing$_\to$ can be applied to $e_i \to x_i$, depending on the structure of $e_i$. □
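As an added worked instance of the process just described (constructed here, not part of the original paper), consider a goal whose $P$ and $E$ already satisfy (1) and (2), namely

$$
G = \exists \bar{u} \cdot S \,\Box\, f(a) \to x,\ g(x) \to y,\ h(y) \to z \,\Box\, z == w
$$

where $f, g, h \in FS^1$, $a \in DC^0$ and $x, y, z, w \in DVar$ are assumed symbols. Starting the process from $f(a) \to x$: the variable $x$ occurs elsewhere in $G$, in the left-hand side of $g(x) \to y$, and not in $E$, so the process moves to $g(x) \to y$; likewise $y$ occurs only in the left-hand side of $h(y) \to z$, so it moves to $h(y) \to z$; finally $z$ occurs in the joinability condition $z == w$, so the process stops. The generated sequence is $e_0 \to x_0 = f(a) \to x$, $e_1 \to x_1 = g(x) \to y$, $e_2 \to x_2 = h(y) \to z$ with $m = 2$, and the irreflexivity of $\gg$ is what rules out the chain returning to $x$. No $e_j$ is a variable, so the biggest $i$ is $i = m = 2$; $x_2 = z$ is demanded through $z == w$ and $e_2 = h(y)$ has a defined function symbol at the root, hence Narrowing$_\to$ applies to $h(y) \to z$. Had the last statement been $y \to z$ instead of $h(y) \to z$, then $e_2$ would be a variable, the biggest $i$ would be $1$, and the rule chosen by the structure of $e_1 = g(x)$ would be applied to $g(x) \to y$. If instead $E$ were empty and $z$ occurred nowhere else, the process would stop at $h(y) \to z$ by the first criterion and Elimination$_\to$ would apply to it.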



